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Description 

TECHNICAL FIELD 

[0001 ] The present invention relates to a data record- 
ing apparatus for recording digital data, a data repro- 
ducing apparatus for reproducing the digital data, a data 
recording/reproducing system and a data record- 
ing/reproducing method, wherein the period for repro- 
duction or the number of reproductions of the digital 
data is limited on the basis of copyright and the like. 

RELATED ART 

[0002] At present, AV data, such as movies and 
music, to be protected by copyright is stored on video 
tapes and the like. A user can appreciate movies, music 
and the like by renting a video tape or the like only for a 
predetermined period, for example, one week, through 
a rental shop for renting such video tapes and the like at 
cost, and by reproducing it 

[0003J On the other hand, unlike the above-mentioned 
rental system for video tapes and the like, thanks to the 
progress and the like in the digital technology and the 
encrypting technology, it is possibles devise an appa- 
ratus capable of receiving programs for movies, music 
and the like from broadcasting stations via a communi- 
cations satellite, contents-encrypting the programs, 
recording them on video tapes and the like, and repro^ 
ducing them. 

[0004] If it is possible for users to record and repro- 
duce satellite broadcasting as desired, recorded pro- 
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the data on a recording medium. Since the recorded AV 
data does not include Macrovision, images can be out- 
put in accordance with the same reproduction method 
as that for ordinary AV data. 

[0006] Amounts of the billing information for reception 
and the billing information for recording recorded on the 
IC card in accordance with the above-mentioned proce- 
dures, corresponding to a certain period, are transmit- 
ted to a provider via telephone lines or the like. The 
above-mentioned description is given with respect to a 
satellite broadcasting data recording/reproducing sys- 
tem wherein an STB apparatus and a VTR apparatus 
are independent from each other; however, it is possible 
to use a type wherein the functions of the apparatuses 
are integrated in a single apparatus. 
[0007] However, in the case of the above-mentioned 
rental system for video tapes and the like, a user must 
visit a rental shop and rent video tapes and the like each 
time, even in the coming multi-channel digital broad- 
casting age, this being as troublesome and inconven- 
ient for the user as ever. 

[0008] The above-mentioned recording/reproducing 
method, however, has problems; the recording medium 
on which recording is carried out once can be repro- 
duced any number of times, and the recording medium 
can be copied easily. 

[0009] In conventional recording/reproducing appara- 
tuses, the effective reproduction period and the effective 
number ^reproductions for AV data to be protected by 
copyright, such as movies and music, become limitless. 
For example, if specially valuable AV data, such as a 
movie just released at theaters, is recorded on a record. 


users to an indefinite number of users; therefore, it is 
indispensable for providers to take measures against as 
this. First, a procedure for receiving a desired program 
will be described below. When a user selects a desired 
program, billing information for reception regarding the 
charge for receiving the program is recorded on an IC 
card. The data of each program is scranfcled as a rule; 40 
therefore, only when the billing information for receiving 
the program has been recorded on the IC card, STB 
descrambles the scrambled data, and images are out- 
put to a display in a descrambled condition. However, 
even if the STB descrambles the scrambled data, since 45 
a copy prevention signal (Macrovision) is included in the 
AV data, even if the data is recorded on a recording 
medium in this condition, reproduced images are dis- 
turbed at the time of reproduction. 
[0005] Next, a procedure for recording/reproducing a so 
desired program will be described below. When a user 
selects a desired program to be recorded, billing infor- 
mation for recording regarding the charge for recording 
the program is recorded on the IC card. Only when the 
billing information for recording of the program has been ss 
recorded on the IC card, the STB cancels the above- 
mentioned Macrovision, and undisturbed AV data is out- 
put to a VTR apparatus, and the VTR apparatus records 


ing no limitations with respect to the reproduction period 
and the number of reproductions as mentioned above 
the value of the AV data would be lowered in half. In 
other words, a broadcasting station cannot broadcast 
such specially valuable AV data without worry. 
[0010] As a measure to cope with the above-men- 
tioned problems, a method has been proposed, wherein 
the IDs of the STB and/or VTR apparatuses used for 
recording the AV data are also recorded on a recording 
medium on which AV data has been recorded so that 
the data cannot be reproduced if an attempt is made to 
reproduce the data by using apparatuses having differ- 
ent IDs. However, if apparatuses having no ID recogni- 
tion function are used, this causes a problem of making 
reproduction possible regardless of the coincidence of 
ID. Furthermore, on the assumption that all apparatuses 
have the ID recognition function, if such an apparatus 
cannot be used because of an unrepairable failure or 
breakdown, this causes a problem of making the repro- 
duction of the AV data recorded on the recording 
medium impossible, since the ID inherent in the appara- 
tus is used. 
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present invention records data; 
FIG. 22 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the seventh embodiment of 
the present invention reproduces data; 
FIG. 23 is a configuration view showing the config- 
uration of a data recording/reproducing system in 
accordance with an eighth embodiment of the 
present invention; 

FIG. 24 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the eighth embodiment of 
the present invention records data; 
FIG. 25 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the eighth embodiment of 
the present invention reproduces data; 
FIG. 26 is a block diagram showing a recording 
apparatus and a reproducing apparatus in accord- 
ance with a ninth embodiment of the present inven- 
tion; 

FIG. 27 is a view showing an example of a key- 
encrypting key Kx list used for the recording appa- 
ratus and the reproducing apparatus in accordance 
with the ninth embodiment of the present invention; 
FIG. 28 is a block diagram showing a recording 
apparatus and a reproducing apparatus in accord- 
ance with the present invention, different from FIG. 

FIG. 29 is a block cfiagram showing a recording 
apparatus and a reproducing apparatus in accord- 
ance with the present invention, different from FIG. 
26 or 28; 

FIG. 30 is a block diagram showing a recording 
apparatus and a reproducing apparatus in accord- 
ance with the present invention, different from FIG. 
26, 28 or 29; and 

FIG. 31 is a block diagram showing a recording 
apparatus and a reproducing apparatus in accord- 
ance with the present invention, different from FIG. 
26, 28, 29 or 30. 

BEST MODES FOR EMBODYING THE INVENTION 

[0016] Embodiments of the present invention will be 
described below referring to the drawings. 


(First embodiment) 

[001 7] A first embodiment of the present invention will 
be described below referring to the drawings. 
[001 8] FIG. 1 is a configuration view showing the con- 
figuration of a data recording/reproducing system in 
accordance with the first embodiment of the present 
invention. The data recording/reproducing system in 
accordance with the present embodiment comprises an 
STB (Set Top Box: satellite broadcasting receiver) 1, an 
IC card 2 for providing information, such as a user ID, to 


the STB 1 , an antenna 3 and a display 4, connected to 
the STB 1, and a VTR apparatus 5 corresponding to a 
VTR apparatus in accordance with the present inven- 
tion, and a recording medium 6 on which data is 
5 recorded/reproduced by the VTR apparatus 5. 

[001 9] The StB 1 comprises a card reading means 1 0 
for reading information recorded on the IC card 2 and for 
recording necessary information on the IC card 2, an 
STB information storing means 17 for storing informa- 
10 tion, such as the device ID of the STB 1, a video 
decoder 11 and an audio decoder 12 for outputting 
decrypted AV data to the display 4 ( a contents encrypt- 
ing means 13 that generates a contents key and 
encrypts AV data by using the above-mentioned con- 
75 tents key to generate encrypted AV data, a key encrypt- 
ing means 15 that carries out a second encrypting for 
the above-mentioned contents key to generate a 
encrypted contents key, a key decrypting means 1 6 that 
decrypts the above-mentioned encrypted contents key 
20 to restore the above-mentioned contents key, a contents 
decrypting means 14 that decrypts the above-men- 
tioned encrypted AV data by using the above-men- 
tioned restored contents key to obtain the above- 
mentioned AV data, a D-l/F (digital interlace) 18 for 
25 direct data transmission to the VTR apparatus 5, a cer- 
tified key exchanging means 19 that carries out certif ied 
key exchange with the VTR apparatus 5 to recognize 
the VTR apparatus 5, a receiving/demodulating means 
21 that receives radio waves from an artificial satellite 
30 via the antenna 3 and demodulates received data to 
convert the data into signals for use in the STB 1, a 
broadcasting descrambling means 20 for decrypting 
broadcasting encrypts provided for the received data, 
and a DMUX (Demultiplexer) 23 for demultiplexing mul- 
35 tiplexed received data. Furthermore, the STB 1 is pro- 
vided with an STB control means (not shewn) for 
controlling the whole of the STB 1, in addition to the 
above-mentioned means. 

[0020] The VTR apparatus 5 comprises a D-l/F (digital 
40 interface) 51 for direct data transmission to the STB 1 , a 
certified key exchanging means 52 that carries out cer- 
tified key exchange with the STB 1 to recognize the STB 
1 , an MUX (Multiplexer) 54 for carrying out multiplexing 
in accordance with the format of the recording medium 
45 6 for the above-mentioned encrypted AV data and the 
above-mentioned encrypted contents key, a recording 
means 55 for recording multiplexed data on the record- 
ing medium 6, a reproducing means 58 for reproducing 
the data recorded on the recording medium 6, and a 
so DMUX (Demultiplexer) 57 for demultiplexing the multi- 
plexed reproduced data. Furthermore, the VTR appara- 
tus 5 is further provided with a VTR control means (not 
shown) for controlling the whole of the VTR apparatus 5, 
in addition to the above-mentioned means. 
55 [0021] Next, the operations of the present embodi- 
ment will be described below. 
[0022] First the flow of data at the time when AV data 
is recorded on the recording medium 6 will be described 
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DISCLOSURE OF THE INVENTION 

[0011] By considering the above-mentioned problems 
encountered in the conventional data recording/repro- 
ducing methods, as a first object, the present invention s 
is intended to provide a data recording/reproducing 
method and a data recording/reproducing system, 
wherein, by encrypting data, only the specific object can 
be reproduced and the above-mentioned encrypting- 
related information is less likefy to leak outside. 10 
[0012] Furthermore, in addition to the above-men- 
tioned first object, the present invention is intended to 
provide a data recording/reproducing method and a 
data recording/reproducing system capable of securely 
carrying out billing at the time of recording and/or repro- is 
duction. 

[001 3] Moreover, in addition to the above-mentioned 
first object, the present invention is intended to provide 
a data recording/reproducing system having less loss 
time at the time of reproduction. ^ 
[0014] Additionally, the present invention is intended 
to provide a recording apparatus and a reproducing 
apparatus, capable of recording data on a recording 
medium and observing limitations on an effective repro- 
duction period and an effective number of reproductions 25 
for the data. 

BRIEF DESCRIPTION OF THE DRAWINGS 


FIG. 1 is a configuration view showing the configu- 
ration of a data recording/reproducing system in 
accordance with a first embodiment of the present 
invention; ^ 
FIG. 2 is a flow chart showing the flow of data at the 
time when the data recording/reproducing system 
in accordance with the first embodiment of the 
present invention records data; 
FIG. 3 is a flow chart showing the flow of data at the 40 
time when the data recording/reproducing system 
in accordance with the first embodiment of the 
present invention reproduces data; 
FIG. 4 is a schematic view showing the recording 
area on a recording medium, on which-recording is 45 
carried out by using the data recording/reproducing 
system in accordance with the first errtxxjiment of 
the present invention; 

FIG. 5 is a flow chart showing the flow of a record- 
ing medium on which recording is carried out by so 
using the data recording/reproducing system in 
accordance with the second embodiment of the 
present invention at the time of lending/borrowing; 
FIG. 6 is a flow chart showing the flow of data at the 
time when the data recording/reproducing system ss 
in accordance with the third embodiment of the 
present invention records data; 
FIG. 7 is a flow chart showing the f tow of data at the 


time when the data recording/reproducing system 
in accordance with the third embodiment of the 
present invention reproduces data; 
FIG. 8 is a flow chart showing the flow of data at the 
time when the data recording/reproducing system 
in accordance with the fourth embodiment of the 
present invention records data; 
FIG. 9 is a flow chart showing the flow of data at the 
time when the data recording/reproducing system 
in accordance with the fourth embodiment of the 
present invention reproduces data; 
FIG. 10 is a configuration view showing the config- 
uration of a data recording/reproducing system in 
accordance with a fifth embodiment of the present 
invention; 

FIG. 1 1 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the fifth errtbodiment of the 
present invention records data; 
FIG. 12 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the fifth errfcodiment of the 
present invention reproduces data; 
FIG. 13 is a configuration view showing the config- 
uration of another data recording/reproducing sys- 
tem in accordance with the fifth embodiment of the 
present invention; 

FIG. 14 is a flow chart showing the flow of data at 
the time when the other data recording/reproducing 
system in accordance with the fifth errfcodiment of 
the present invention records data; 
FIG. 15 is a configuration view showing the config- 
uration of a data recording/reproducing system in 
accordance with a sixth embodiment of the present 
invention; 

FIG. 16 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the sixth embodiment of the 
present invention records data; 
FIG. 1 7 is a flow chart showing the flow of data at 
the time when the data recording/reproducing sys- 
tem in accordance with the sixth embodiment of the 
present invention reproduces data; 
FIG. 18 is a configuration view showing the config- 
uration of another data recording/reproducing sys- 
tem in accordance with the sixth enfcodiment of the 
present invention; 

FIG. 19 is a flow chart showing the flow of data at 

the time when the other data recording/reproducing 

system in accordance with the sixth embodiment of 

the present invention records data; 

FIG. 20 is a flow chart showing the flow of data at 

the time when the other data recording/reproducing 

system in accordance with the sixth embodiment of 

the present invention reproduces data; 

FIG. 21 is a flow chart showing the flow of data at 

the time when a data recording/reproducing system 

in accordance with a seventh embodiment of the 
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encrypted contents key STB Pa (Kco), multiplexed and 
recorded on the recording medium 6, are reproduced by 
the reproducing means 58 and demultiplexed by the 
DMUX 57. 

[0035] The demultiplexed encrypted AV data Kco (D) 
and the demultiplexed encrypted contents key STB Pa 
(Kco) are transmitted to the STB 1 via the D-l/F 51 and 
via the certified key exchanging means 52 and the D-l/F 
51, respectively; however, before the transmission, the 
certified key exchanging means 19 and 52 correspond- 
ing to the STB 1 and the VTR apparatus 5, respectively, 
exchange their certified keys to each other via the D- 
l/Fs 18 and 51 to confirm that they are parties transmit- 
table to each other, and the above-mentioned transmis- 
sion is carried out just as in the case of recording. 
[0036] The encrypted AV data Kco (D), transmitted to 
the STB 1 , is sent to the contents decrypting means 14 
via the D-l/F 18; and the encrypted contents key STB Pa 
(Kco) is sent to the key decrypting means 16 via the D- 
l/F 18 and the certified key exchanging means 19. The 
key decrypting means 16 restores the encrypted con- 
tents key STB Pa (Kco) to the contents key Kco by using 
the secret key STB Sa stored in the STB information 
storing means 17 and inherent in the STB 1, and sends 
it to the contents decrypting means 14. The contents 
decrypting means 14 outputs the AV data obtained by 
decrypting the encrypted AV data Kco (D) by using the 
restored contents key Kco to the video decoder 1 1 and 
the audio decoder 12. The video decoder 11 and the 
audio decoder 12 decode highly efficient coding and the 
like applied to the AV data D and outputs data to the dis- 
play^ 

[0037] By recording/reproducing AV data in accord- 
ance with the above-mentioned procedures, the con- 
tents key used to encrypt the AV data is encrypted by 
using the public key inherent in the STB 1 , and recorded 
on the recording medium together with the encrypted 
AV data; at the time of reproduction, the encrypted con- 
tents key is restored by using the secret key inherent in 
the STB 1; therefore, reproduction is possible only by 
the system having the secret key inherent in the STB 1 , 
in other words, by the system provided with the STB 1 
itself; hence, it is understood that the data record- 
ing/reproducing system in accordance with the present 
embodiment can reproduce only the specific object and 
is a data recording/reproducing system wherein 
encrypting-related information is less likely to leak out- 
side. 

[0038] Next, a billing method for the data record- 
ing/reproducing system in accordance with the present 
embodiment will be described below. This billing 
method will be described referring to FIGS. 2 and 3, 
since billing is carried out during recording/reproduction 
of AV data. 

[0039] First, a billing method during recording will be 
described. Referring to FIG. 2, the STB control means 
(not shown) of the STB 1 generates billing information 
by using a billing information generating means 22 dur- 


ing recording, and this is recorded on the IC card 2 via 
the card reading means 10. As the timing of recording, 
for example, the recording may be carried out in syn- 
chronization with a recorcfing command from the user or 
5 in synchronization with a first output from the contents 
encrypting means 13 or the key encrypting means 15. 
The contents of the billing information to be recorded 
may be an amount of billing itself or an identifier or the 
like for specifying the contents of billing. 
10 [0040] Next, a billing method during reproduction will 
be described below. Referring to FIG. 3, the STB control 
means (not shown) of the STB 1 generates billing infor- 
mation by using the billing information generating 
means 22 during reproduction, and this is recorded on 
is the IC card 2 via the card reading means 1 0. As the tim- 
ing of recording, for example, the recording may be car- 
ried out in synchronization with a reproduction 
command from the user or in synchronization with a first 
output from the contents decrypting means 14 or a key 
20 decrypting means 16. The contents of the billing infor- 
mation to be recorded are the same as those for record- 
ing. 

[0041 ] The billing information recorded on the IC card 
2 is output to a satellite broadcasting service provider at 
25 regular or irregular intervals through communications 
using telephone lines and the like, and the service pro- 
vider collects the amount of billing from the user by a 
method of charging it to the user's bank account or 
other method on the basis of the billing information. 
so [0042] In the above-mentioned description, it is 
explained that the billing information is recorded during 
recording and reproduction, that is, the billing is carried 
out during both recording and reproduction; however, 
without being limited to this, the billing may be carried 
35 out during either one. 

[0043] In addition, it is explained that the billing infor- 
mation is recorded on the IC card 2 via the card reading 
means 10; however, without being limited to this, the 
information may be recorded in the STB information 
40 storing means 17, for example. In the case when the 
information is recorded in the STB information storing 
means 17, the IC card 2 and the card reading means 10 
may be omitted from the data recording/reproducing 
system in the configuration of the present embodiment. 
45 [0044] Furthermore, the billing information during 
reproduction may be provided with a limitation on the 
period of reproduction and/or the number of reproduc- 
tions. For exanple, the amount of billing may change 
when the period exceeds a certain period or when the 
so number of reproductions exceeds a certain number. In 
the case of limiting the number of reproductions, how- 
ever, information indicating the total number of repro- 
ductions is required to be written on the recording 
medium 6 or the like each time reproduction is carried 

55 OUt. 

[0045] Moreover, information required for generating 
billing information during reproduction may be recorded 
during recording on the recording medium 6 so that the 
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referring to FIG. 2. FIG. 2 is a flow chart showing the 
flow of data at the time when the data recording/repro- 
ducing system in accordance with the first embodiment 
of the present invention records data. Referring to FIG. 
2, in the configuration shown in FIG. 1, means not 5 
required during recording are omitted as appropriate. In 
addition, D represents plain data of the AV data to be 
recorded, Kco represents a contents key used to 
encrypt AV data D, Kco (D) represents encrypted AV 
data obtained by encrypting the AV data D by using the 10 
contents key Kco, STB Pa represents a public key inher- 
ent in the STB 1 and used for encrypting the contents 
key Kco, and STB Pa (Kco) represents a encrypted con- 
tents key obtained by encrypting the contents key Kco 
by using the public key STB Pa, respectively. Further- 1S 
more, by switching the contents key Kco at regular or 
irregular intervals, the data recording/reproducing sys- 
tem in accordance with the present embodiment 
becomes a system wherein encrypting-reiated informa- 
tion is less likely to leak outside than in the case when 20 
the switching is not carried out 
[0023] First the receivingAiemodulating means 21 
receives digital video data, audio data. EMM (individual 
information), ECM (program information) and encrypted 
broadcasting scrambling key Ks received from a broad- 25 
casting station via the antenna 3, shapes the distur- 
bances in the signal waveforms of the video data and 
the audio data, and outputs the video data, audio data, 
EMM, ECM and encrypted broadcasting scrantrfing key 
KstotheDMUX23. 30 
[0024] The EMM (individual information) is information 
required to generate a key referred to as a work key Kw 
described later. 

[0025] Furthermore, the ECM (program information) is 
information required to restore the encrypted broad- 35 
casting scrambling key Ks. 

[0026] Then, the DMUX 23 receives the video data 
audio data, EMM, ECM and broadcasting scrambling 
key Ks from the receivingAJemodulating means 21, 
demultiplexes them, and outputs the video data and 40 
audio data (AV data) to the broadcasting descrarrtoling 
means 20. Furthermore, the means outputs the EMM to 
an EMM decrypting means 25, and also outputs the 
ECM and the encrypted broadcasting scrambling key 
Ks to an ECM decrypting means 24. 45 
[0027] Next the EMM decrypting means 25 receives 
a user ID key Km, also receives the EMM from the 
DMUX 23, decrypts the EMM by using the user ID key 
Km to generate the work key Kw, and outputs it to the 
ECM decrypting means 24. 50 
[0028] Furthermore, the ECM decrypting means 24 
receives the work key Kw from the EMM decrypting 
means 25, also receives the ECM and the encrypted 
broadcasting scrambling key Ks from the DMUX 23, 
decrypts the ECM by using the work key Kw to restore 55 
the encrypting of the encrypted broadcasting scram- 
bling key Ks, and outputs it to the broadcasting 
descrambling means 20. 


[0029] And the broadcasting descrambling means 20 
receives the broadcasting scramble key Ks from the 
ECM decrypting means 24 and also receives scrambled 
AV data from the DMUX 23, and then descrambles the 
scrambled AV data by using the broadcasting scram- 
bling key Ks. 

[0030] The AV data D, having been scrambled for 
broadcasting, is descrambled by the broadcasting 
descrambling means 20 and demultiplexed by the 
DMUX 23 to become plain AV data D, and the plain AV 
data D is sent to the video decoder 11, the audio 
decoder 12 and the contents encrypting means 13. The 
video decoder 11 and the audio decoder 12 decode 
highly efficient coding and the like applied to the AV 
data D t and then output data to the display 4. The con- 
tents encrypting means 13 generates a contents key 
Kco, and encrypts the AV data D by using the generated 
contents key Kco to generate encrypted AV data Kco 
(D). The generated contents key Kco is sent to the key 
encrypting means 15, and the key encrypting means 15 
encrypts the contents key Kco by using the public key 
STB Pa stored in the STB information storing means 1 7 
and inherent in the STB 1 to generate the encrypted 
contents key STB Pa (Kco), 

[0031] The encrypted AV data Kco (D) and the 
encrypted contents key STB Pa (Kco) are transmitted to 
the VTR apparatus 5 via the D-l/F 18 and via the certi- 
fied key exchanging means 19 and the D-l/F 18, respec- 
tively; however, before the transmission, the certified 
key exchanging means 19 and 52 corresponding to the 
STB 1 and the VTR apparatus 5, respectively, exchange 
their certified keys to each other via the D-I/Fs 18 and 
51 to confirm that they are parties transmittal^ to each 
other, and the above-mentioned transmission is carried 
out. 

[0032] The encrypted AV data Kco (D) and the 
encrypted contents key STB Pa (Kco), transmitted to 
the VTR apparatus 5, are sent to the MUX 54 via the D- 
l/F 51 and via the D-l/F 51 and the certified key 
exchanging means 52, respectively; and they are multi- 
plexed in accordance with the format of the recording 
medium 6, and then recorded on the recording medium 
6 by the recording means 55. 
[0033] Next, the flow of data at the time when the AV 
data recorded on the recording medium 6 is reproduced 
will be described below referring to FIG. 3. FIG. 3 is a 
flow chart showing the flow of data at the time when the 
data recording/reproducing system in accordance with 
the first embodiment of the present invention repro- 
duces data. Referring to FIG. 3 ( in the configuration 
shown in FIG. 1, means not required during reproduc- 
tion are omitted as appropriate. STB Sa corresponds to 
the public key STB Pa and represents a secret key 
inherent in the STB 1 and used to decrypt the encrypted 
contents key STB Pa (Kco) to restore the contents key 
Kco. The other reference encrypts in the figure are the 
same as those used in FIG. 2. 
[0034] The encrypted AV data Kco (D) and the 
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medium 6 is determined after receiving the data for use 
after the switching of the contents key, and then record- 
ing is carried out. 

[0053] Furthermore, in addition to the above-men- 
tioned recording procedure, information capable of s 
specifying the key used for encrypting the contents key 
Kco may be recorded on the recording medium 6. More 
specifically, the information is the ID information of the 
STB 1 in the case of the present embodiment. For 
example, if an attempt is made to carry out reproduction 10 
by using an STB other than the STB 1 , it is possible, by 
using this information, to deliver a warning for indicating 
that reproduction is impossible with the STB and to indi- 
cate the ID information of an STB (the STB 1 in this 
case) capable of reproduction. 15 
[0054] Moreover, the encrypted contents key may be 
recorded in a data area on the recording medium 6, 
from which nothing is output outside. For example, in 
the case of a D-VHS system, it is recorded in the sub- 
code area. With this, the data recording/reproducing 20 
system becomes a system wherein encrypting-related 
information is less likely to leak outside. 
[0055] In addition, in the present embodiment, it is 
explained that the encrypted digital data and the 
encrypted contents key are recorded at the recording 25 
positions corresponding to the timing of reproduction on 
the recording medium; however, without being limited to 
this, regardless of recording positions, reproduction 
should only be carried out so that the encrypted con- 
tents key corresponding to the contents key for use after 30 
switching overlaps at least a part of the encrypted digital 
data corresponding to the contents key for use before 
switching with respect to timing, or so that the encrypted 
contents key corresponding to one contents key over- 
laps the encrypted digital data corresponding thereto 35 
with respect to timing. 

[0056] In the case of using a conventional procedure 
instead of the billing method and/or the recording proce- 
dure for recording in the recording area on the recording 
medium of the above-mentioned present embodiment, 40 
the above-mentioned respective effects are not 
obtained; however, it is possible to satisfy the first object 
of the present invention, that is, to provide a data 
recording/reproducing method and a data record- 
ing/reproducing system, wherein reproduction is possi- 45 
bte for only the specific object, and encrypting-related 
information is less likely to leak outside. 

(Second embodiment) 

50 

[0057] A second embodiment in accordance with the 
present invention will be described below referring to 
the drawings. The present embodiment differs from the 
above-mentioned first embodiment in that the public 
key/secret key for encrypting/decrypting the contents ss 
key are keys inherent in the device model of the tuner 
apparatus of the present invention. For this reason, the 
same components as those used for the first embodi- 


ment are represented by the same reference codes, 
and the explanations of these components are omitted. 
Furthermore, components not described specifically are 
the same as those of the first embodiment. 
[0058] The configuration of the data recording/repro- 
ducing system in accordance with the present embodi- 
ment is the same as that of the data 
recording/reproducing system in accordance with the 
first embodiment. 

[0059] The operations of the present embodiment will 
be described below. 

[0060] The configuration in accordance with the 
present embodiment is the same as that of the data 
recording/reproducing system in accordance with the 
first embodiment, except that a public key STBU Pa 
inherent in the device model of the STB 1 is used to 
encrypt the contents key Kco, and that a secret key 
STBU Sa inherent in the device model of the STB 1 is 
used to decrypt the contents key Kco. Therefore, the 
operations of the present embodiment are indicated by 
using a configuration wherein the public key STB Pa, 
the secret key STB Sa and the encrypted contents key 
STB Pa (Kco) shown in FIGS. 2 and 3 are replaced with 
the public key STBU Pa, the secret key STBU Sa and 
the encrypted contents key STBU Pa (Kco), respec- 
tively; therefore, detailed explanation is omitted since 
the explanation is similar to that given referring to in 
FIGS. 2 and 3. 

[0061] By recording/reproducing AV data in accord- 
ance with the above-mentioned procedure, in the 
present embodiment, in addition to the effects obtained 
in accordance with the first embodiment, it is under- 
stood that the recording medium 6 can be lent to or bor- 
rowed from the user having an STB 101 being the same 
model as the STB 1 as shown in FIG. 5, and further- 
more that even if the STB 1 cannot be used because of 
an unrepairable failure or breakdown, continuous use is 
possible by replacing it with the STB of the same device 
model. 

(Third embodiment) 

[0062] A third embodiment in accordance with the 
present invention will be described below referring to 
the drawings. The present embodiment differs from the 
above-mentioned first embodiment in that the public 
key/secret key for encrypting/decrypting the contents 
key are keys inherent in the user ID recorded on the IC 
card of the present invention. For this reason, the same 
components as those used for the first embodiment are 
represented by the same reference codes, and the 
explanations of these components are omitted. Further- 
more, components not described specifically are the 
same as those of the first embodiment. 
[0063] The configuration of the data recording/repro- 
ducing system in accordance with the present embodi- 
ment is the same as that of the data 
recording/reproducing system in accordance with the 
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billing information can be generated by using the above- 
mentioned required information at the time when the 
recording medium 6 is reproduced. At this time, for 
example, the STB control means generates the above- 
mentioned required information during the recording, 
sends this to the recording means 55 via the D-l/Fs 18 
and 51 , and the recording means 55 records this in the 
first part of data to be recorded. During the reproduc- 
tion, the above-mentioned required information is repro- 
duced by the reproducing means 58 and sent to the 
STB control means via the D-l/Fs 18 and 51 ; and on the 
basis of this, the STB control means generates the bill- 
ing information for reproduction by using the billing infor- 
mation generating means 22. 
[0046] From the above-mentioned descriptions, it is 
understood that the data recording/reproducing system 
of the present embodiment is a data recording/repro- 
ducing system capable of securely carrying out billing 
during recording and/or reproduction. 
[0047] Next the recording area on the recording 
medium, for data recorded on the recording medium by 
the data recording/reproducing system of the present 
embodiment, will be described below referring to FIGS 
2 and 4. 

[0048] FIG. 4 is a schematic view showing the record- 
ing area on the recording medium, on which recording is 
carried out by using the data recording/reproducing sys- 
tem in accordance with the first embodiment of the 
present invention. The left-to-right direction of FIG. 4 
indicates the recording position on the recording 
medium 6 with respect to time, and the up-to-down 
direction indicates the configuration of data recorded at 
the same time. Referring to FIG. 4, the recording area is 
divided into a main area and a sub-area. In the main 
area, encrypted AV data and a flag indicating the timing 
for changing contents key are written; and in the sub- 
area, at the contents keys (Kco-a, Kco-b, Kco-c, Kco-d, 
...) used for encrypting the encrypted AV data (Kco-a 
(D). Kco-b (D), Kco-c (D), Kco-d (D), ...) recorded in the 
main area positions corresponding to the recording - 
positions, encrypted contents keys (STB Pa (Kco-a), 
STB Pa (Kco-b), STB Pa (Kco<), STB Pa (Kco-d), ...) 
obtained by encrypting by using the public key STB Pa 
are written; and at the contents keys (Kco-b, Kco-c, 
Kco<J. Kco-e, ...) for use after switching of the next con- < 
tents key, encrypted contents keys (STB Pa (Kco-b), 
STB Pa (Kco-c), STB Pa (KccmJ), STB Pa (Kco-e), ...) 
obtained by encrypting by using the public key STB Pa 
are written. However, for purposes of convenience, in 
FIG. 4, the encrypted contents keys STB Pa (Kco-a), s 
STB Pa (Kco-b), STB Pa (Kco-c), STB Pa (Kco-d), ... 
are represented by the contents keys Kco-a, Kco-b, 

Kco-c, Kco-d which are contents keys for use before 

encrypting. 

[0049] As described above, the contents encrypting & 
means 13 generates the contents key Kco by switching 
at regular or irregular intervals, and encrypts the AV 
data D by using the generated contents key Kco to gen- 


erate the encrypted AV data Kco (D); however, the con- 
tents encrypting mean previously generates a contents 
key (for example, Kco-b) to be obtained by switching 
next to the current contents key (for example, Kco-a), 
s and before using it, converts it into the encrypted con- 
tents key STB Pa (Kco-a) by the key encrypting means 
15, and sends it to the MUX54 via the certified key 
exchanging means 19 and the D-l/Fs 18 and 51; and 
then the recording means 55 records it together with the 
w current contents key Kco-a, the encrypted AV data Kco- 
a (D) encrypted thereby and the like in the recording 
area shown in FIG. 4. The flag indicating the timing for 
changing contents key is added to, for exanple, a 
packet header for transmitting AV data and then trans- 
15 mitted; on the basis of this, the recording means 55 
determines the recording position of each piece of 
recording data. 

[0050] As shown in FIG. 4, the encrypted contents key 
STB Pa (Kco-b) corresponding to a contents key for use 
20 after switching, for example, Kco-b, is recorded on the 
recording medium 6 so as to overlap at least a part of 
the encrypted AV data Kco-a (D) corresponding to the 
contents key Kco-a for use before switching, and the 
contents key Kco-a for use before switching is recorded 
2s on the recording medium 6 so as to overlap the position 
wherein the encrypted AV data Kco-a (D) correspond- 
ing thereto is recorded. Referring to FIG. 4, in the 
recording area for the encrypted contents key STB Pa 
(Kco-b), writing has been completed immediately before 
30 the encrypted contents key STB Pa (Kco-c) correspond- 
ing to the next contents key Kco-c is written; however, 
the writing should only be completed at least before the 
encrypted contents key STB Pa (Kco-c) is written; in 
other words, if recording is completed so that the 
35 recording area for the encrypted contents key STB Pa 
(Kco-b) in FIG. 4 overlaps at least a part of the 
encrypted AV data Kco-a (D). a data blank area may be 
present between the recording area and the starting 
end of the recording area for the encrypted contents key 
to STB Pa (Kco-c). 

[0051] By carrying out recording on the recording 
medium in accordance with the above-mentioned pro- 
cedure, the next contents key can be decrypted before- 
hand during reproduction; therefore, it is understood 
5 that the data recording/reproducing system of the 
present embodiment is a data recording/reproducing 
system causing less loss time during reproduction. 
[0052] The recording procedure for recording in the 
recording area on the recording medium of the present 
o invention is not limited to the above-mentioned record- 
ing procedure of the present embodiment; for example, 
it may be possible to use a procedure wherein the con- 
tents encrypting means 13 does not previously gener- 
ate the contents key for use after the next switching, but 
» the VTR apparatus 5 has a means for temporarily stor- 
ing data sent from the STB 1 and allows the above-men- 
tioned temporary storing means to temporarily store the 
current data, and the recording area on the recording 
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effects obtained in accordance with the first embodi- 
ment, rt is understood that, even if the STB 1 cannot be 
used because of an unrepairable failure or breakdown, 
continuous use is possible by replacing it with another 
STB (a device model other than the same device model 
can be used), and furthermore that only the specific 
user permitted to receive specific service corresponding 
to recorded AV data can lend/borrow the recording 
medium 6. 

[0075] As understood from the above-mentioned 
operations, in the present embodiment, the STB storing 
means 1 1 may be omitted from the configuration of the 
data recording/reproducing system in accordance with 
the first embodiment shown in FIG. 1. 

(Fifth Embodiment) 

[0076] A fifth embodiment in accordance with the 
present invention will be described below referring to 
the drawings. The present embodiment differs from the 
above-mentioned first embodiment in that the key 
encrypting means of the present invention is provided 
for the VTR apparatus, and accordingly that the tuner 
apparatus of the present invention has a second key 
encrypting means for encrypting the contents key by 
using a common key, and thai the VTR apparatus of the 
present invention has a second key decrypting means 
for decrypting the above-mentioned contents key 
encrypted by using the above-mentioned common key. 
For this reason, the same components as those used 
for the first embodiment are represented by the same 
reference codes, and the explanations of these compo- 
nents are omitted. Furthermore, components not 
described specifically are the same as those of the first 
embodiment. 

[0077] FIG. 10 is a configuration view showing the 
configuration of the data recording/reproducing system 
in accordance with the fifth embodiment of the present 
invention. The configuration of the data recording/repro- 
ducing system of the present embodiment differs from 
the data recording/reproducing system of the first 
embodiment in that a key encrypting means 62 corre- 
sponding to the key encrypting means of the present 
invention is provided for the VTR apparatus 5 instead of 
the STB 1 ; accordingly, the STB 1 has a key decrypting 
means 31 corresponding to the second key encrypting 
means of the present invention; and the VTR apparatus 
5 has a key decrypting means 61 corresponding to the 
second key decrypting means of the present invention, 
and a VTR information storing means 71 for storing 
information regarding the common key, public key and 
the like used by the key decrypting means 61 and the 
key encrypting means 62. Furthermore, the STB infor- 
mation storing means 17 holds the information regard- 
ing the common key that is used when the key 
encrypting means 31 encrypts the contents key, in addi- 
tion to the information held in the case of the first 
embodiment. 


[0078] In the case when the billing information is 
stored in the STB information storing means 17, for 
example, just as in the case of the first embodiment, the 
IC card 2 and the card reading means 10 may be omit- 
5 ted from the data recording/reproducing system in the 
configuration of the present embodiment. 
[0079] The operations of the present embodiment will 
be described below. 

[0080] First, the flow of data at the time when AV data 

w is recorded on the recording medium 6 will be described 
below referring to FIG. 1 1 . FIG. 1 1 is a flow chart show- 
ing the flow of data at the time when the data record- 
ing/reproducing system in accordance with the fifth 
embodiment of the present invention records data. In 

is FIG. 1 1 , means and the like not required for recording 
are omitted as appropriate from the configuration shown 
in FIG. 10. Furthermore, the reference encrypts in the 
figure are the same as those used in FIGS. 2 and 3, 
except for those explained newly. Kk represents a com- 

20 mon key that is common to the STB 1 and the VTR 
apparatus 5 and used to encrypt the contents key Kco. 
Kco represents a contents key used to encrypt AV data 
D, and Kk (Kco) represents a encrypted contents key 
obtained by encrypting the contents key Kco by using 

25 the common key Kk, respectively. Just as in the case of 
the first embodiment, by switching the contents key Kco 
at regular or irregular intervals, the data record- 
ing/reproducing system in accordance with the present 
embodiment becomes a system wherein encrypting- 

30 related information is less likely to leak outside, in com- 
parison with the case wherein the switching is not car- 
ried out. 

[0081] The AV data D, decrypted as broadcasting 
radio waves and multiplexed, is received via the 

35 antenna 3, demodulated by the receiving/demodulating 
means 21 and decrypted by the broadcasting descram- 
bling means 20 with respect to encrypts for broadcast- 
ing, demultiplexed by the DMUX 23 to become plain AV 
data D, and then sent to the video decoder 1 1 , the audio 

40 decoder 1 2 and the contents encrypting means 13. The 
video decoder 11 and the audio decoder 12 decode 
highly efficient coding and the like given to the AV data 
D, and output data to the display 4. The contents 
encrypting means 13 generates the contents key Kco, 

45 encrypts the AV data D by using the generated contents 
key Kco to generate encrypted AV data Kco (D). The 
generated contents key Kco is sent to the key encrypt- 
ing means 31, and the key encrypting means 31 
. encrypts the contents key Kco by using the common key 

so Kk common to the STB 1 and the VTR apparatus 5 and 
stored in the STB information storing means 17 to gen- 
erate the encrypted contents key Kk (Kco). 
[0082] The encrypted AV data Kco (D) and the 
encrypted contents key Kk (Kco) are transmitted to the 

55 VTR apparatus 5 via the D-l/F 18 and via the certified 
key exchanging means 19 and the D-l/F 18, respec- 
tively: however, before the transmission, the certified 
key exchanging means 19 and 52 corresponding to the 
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first embodiment 


[0064] The operations of the present embodiment will 
be described below. 

[0065] FIG. 6 is a flow chart showing the flow of data 
at the time when the data recording/reproducing system 
in accordance with the second embodiment of the 
present invention records data; and FIG. 7 is a flow 
chart showing the flow of data at the time when the data 
recording/reproducing system in accordance with the 
second embodiment of the present invention repro- 
duces data. As shown in FIGS. 6 and 7, the configura- 
tion in accordance with the present embodiment is the 
same as that of the data recording/reproducing system 
in accordance with the first embodiment, except that a 
public key USER Pa inherent in the user ID recorded on 
the IC card 2 is used to encrypt the contents key Kco, 
and that a secret key USER Sa inherent in the user ID 
is used to decrypt the contents key Kco. 
[0066] By recording/reproducing AV data in accord- 
ance with the above-mentioned procedure, in the con- 
figuration of the present embodiment, in addition to the 
effects obtained in accordance with the first embodi- 
ment, it is understood that even if the STB 1 cannot be 
used because of an unrepairable failure or breakdown, 
continuous use is possible by replacing it with another 
STB (a device model other than the same device model 
can be used), and furthermore that another user can 
use the system through lending or borrowing of the 
recording medium 6 together with the IC card 2. 
[0067] Furthermore, in the present embodiment, pro- 
vided that, in order to encrypt the contents key Kco as 
described above, the encrypted contents key USER Pa 
(Kco) is generated by using the public key USER Pa 
inheref»irWr^^ 

the encrypted contents key USER1 Pa (Kco) is also 
generated by using the public key USER1 Pa inherent in 
another user ID recorded on the IC card 2, and that 
these are recorded on the recording medium 6 together 
with the encrypted contents key USER Pa (Kco), a spe- 
cific user having the secret key USER1 Sa correspond- 
ing to the public key USER1 Pa can restore the 
encrypted contents key USER1 Pa (Kco) by using the 
USER1 Sa; therefore, the recording medium 6 can be 
lent only to the specific user. The number of the public 
key USER1 Pa is not limited to one, but plural public 
keys, such as USER1 Pa to USERn Pa, may be availa- 
ble. In other words, the user can simply lend the 
medium to another user, in the case when he wishes to 
borrow and use it, by having the other user record the 
public key USERn Pa corresponding thereto on the IC 
card 2 in accordance with a predetermined procedure. 
[0068] As understood from the above-mentioned 
operations, in the present embodiment, the STB storing 
means 1 1 may be omitted from the configuration of the 
data recording/reproducing system in accordance with 
the first embodiment shown in FIG. 1. 


(Fourth embodiment) 
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[0069] A fourth embodiment in accordance with the 
present invention will be described below referring to 
the drawings. The present embodiment differs from the 
above-mentioned first embodiment in that the public 
key/secret key for encrypting/decrypting the contents 
key are keys inherent in the service recorded on the IC 
card of the present invention. For this reason, the same 
components as those used for the first embodiment are 
represented by the same reference codes, and the 
explanations of these components are omitted. Further- 
more, components not described specifically are the 
same as those of the first embodiment 
[0070] The configuration of the data recording/repro- 
ducing system in accordance with the present embodi- 
ment is the same as that of the data 
recording/reproducing system in accordance with the 
first embodiment. 

[0071 ] The operations of the present embodiment will 
be described below. 

[0072] FIG. 8 is a flow chart showing the flow of data 
at the time when the data recording/reproducing system 
in accordance with the fourth embodiment of the 
present invention records data; and FIG. 9 is a flow 
chart showing the flow of data at the time when the data 
recording/reproducing system in accordance with the 
fourth embodiment of the present invention reproduces 
data. As shown in FIGS. 8 and 9, the configuration in 
accordance with the present embodiment is the same 
as that of the data recording/reproducing system in 
accordance with the first embodiment, except that a 
P 14 * fy. ?ERV Pa in&er^^ 
the IC card 2 is used to encrypt the contents key Kco, 
and that a secret key SERV Sa inherent in the device 
model of the STB 1 is used to restore the contents key 
Kco. More specifically, the key inherent in the service 
includes keys inherent in a specific program only, inher- 
ent in programs of a specific genre only, inherent in pro- 
grams in a specific channel only, inherent in a specific 
satellite broadcasting provider only, and the like. 
[0073] For example, by previously paying the charge 
for the recording/reproduction of a specific program, the 
public key SERV Pa and the secret key SERV Sa inher- 
ent in the program are allowed to be stored in the IC 
card 2, whereby the above-mentioned specific program 
can be recorded/reproduced. In this case, if the public 
key SERV Pa and the secret key SERV Sa are not 
stored on the IC card 2, the STB 1 is required to take a 
measure to prevent recording. In the case of a program 
other than the specific program requiring the public key 
SERV Pa and the secret key SERV Sa. the public key 
and the secret key used for one of the first to third 
embodiments are selected and used; these methods 
can be used in combination. 

[0074] By recording/reproducing AV data in accord- 
ance with the abcye-mentioned procedure, in the con- 
figuration of 'the present embodiment, in addition to the 
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via the D-l/F 18 and via the certified key exchanging 
means 19 and the D-l/F 18, respectively; however, 
before the transmission, the certified key exchanging 
means 19 and 52 corresponding to the STB 1 and the 
VTR apparatus 5, respectively, exchange their certified 
keys via the D-I/Fs 18 and 51 to confirm that they are 
parties transmittable to each other, and the above-men- 
tioned transmission is carried out. 
[0092] The encrypted AV data Kco (D) transmitted to 
the VTR apparatus 5 is sent to the MUX 54 via the D-l/F 

51 . In addition, the contents key Kco transmitted to the 
VTR apparatus 5 is sent to the key encrypting means 62 
via the D-l/F 51 and the certified key exchanging means 

52. The key encrypting means 62 encrypts the contents 
key Kco by using the public key STB Pa inherent in the 
STB 1 and stored in the VTR information storing means 
71 to generate the encrypted contents key STB Pa 
(Kco), and sends it to the MUX 54. The encrypted AV 
data Kco (D) and the encrypted contents key STB Pa 
(Kco) sent to the MUX 54 are multiplexed in accordance 
with the format of the recording medium 6, and then 
recorded on the recording medium 6 by the recording 
means 55. 

[0093] The flow of data at the time of data reproduc- 
tion in the data recording/reproducing system having 
the configuration shown in FIG. 13 is the same as the 
flow of data at the time of data reproduction shown in 
FIG. 12. Therefore, the subsequent explanation is omit- 
ted. 

[0094] The STB information storing means 1 7 and the 
VTR information storing means 71 are not required to 
hold the information regarding the common key held in 
the configuration shown in FIG. 10. 
[0095] By recording/reproducing the AV data in 
accordance with the above-mentioned procedure, the 
encrypting of the contents key at the STB 1 on the trans- 
mission side to the VTR apparatus 5 is not carried out 
during AV data recording; therefore, the burden to the 
STB 1 having an increased burden due to the concur- 
rent encrypting of the AV data and the contents key can 
be further decreased; for this reason, it is understood 
that the data recording/reproducing system having the 
configuration shown in FIG. 13 is capable of having 
higher recording efficiency by further smoothing the bur- 
den to the STB 1 and the VTR apparatus 5, in compari- 
son with the data recording/reproducing system having 
the configuration shown in FIG. 10. However, in com- 
parison with the data recording/reproducing system 
shown in FIG. 10, the present system is low in security 
for data transmission from the STB 1 to the VTR appa- 
ratus 5. This kind of configuration is particularly effective 
when applied to the data recording/reproducing system 
provided with an integrated STB wherein the functions 
of the STB and the VTR apparatus are integrated, just 
as in the case of an eighth embodiment described later. 


(Sixth embodiment) 

[0096] A sixth embodiment in accordance with the 
present invention will be described below referring to 

s the drawings. The present embodiment differs from the 
above-mentioned first embodiment in that the key 
encrypting means and the key decrypting means of the 
present invention are provided for the VTR apparatus, 
and that the pifclic key/secret key for encrypt- 

10 ing/decrypting the contents key are keys inherent in the 
VTR apparatus of the present invention. For this reason, 
the same components as those used for the first 
embodiment are represented by the same reference 
codes, and the explanations of these components are 

is omitted. Furthermore, components not described spe- 
cifically are the same as those of the first embodiment. 
[0097] FIG. 15 is a configuration view showing the 
configuration of the data recording/reproducing system 
in accordance with the sixth embodiment of the present 

20 invention. The conf iguration of the data recording/repro- 
ducing system of the present embodiment differs from 
the data recording/reproducing system of the first 
embodiment in that the key encrypting means 62 corre- 
sponding to the key encrypting means of the present 

25 invention and the key decrypting means 64 correspond- 
ing to the key decrypting means of the present invention 
are provided for the VTR apparatus 5 instead of the STB 
1 ; accordingly, the STB 1 has the key encrypting means 

31 corresponding to the second key encrypting means 
30 of the present invention and the key decrypting means 

32 corresponding to the second key decrypting means 
of the present invention, and the VTR apparatus 5 has 
the key decrypting means 61 corresponding to the sec- 
ond key decrypting means of the present invention, the 

35 key encrypting means 63 corresponding to the second 
key encrypting means of the present invention and the 
VTR information storing means 71 for storing informa- 
tion regarding the common key, the public key and the 
like used by the key decrypting means 61, the key 

40 encrypting means 62, the key encrypting means 63 and 
the key decrypting means 64. Furthermore, the STB 
information storing means 17 holds the information 
regarding the common key, which is used when the key 
encrypting means 31 encrypts the contents key, in addi- 

45 tion to the information held in the case of the first 
embodiment 

[0098] In the case when the billing information is 
recorded in the STB information storing means 17, for 
example, just as in the case of the first embodiment, the 

so IC card 2 and the card reading means 10 may be omit- 
ted from the data recording/reproducing system in the 
configuration of the present embodiment. 
[0099] Next the operations of the present embodi- 
ment will be described below. 

55 [01 00] First, the flow of data at the time when AV data 
is recorded on the recording medium 6 will be described 
below referring to FIG. 14. FIG. 16 is a flow chart show- 
ing the flow of data at the time when the data record- 
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STB 1 and the VTR apparatus 5, respectively, exchange 
their certified keys via the D-I/Fs 18 and 51 to confirm 
that they are parties transmittable to each other, and the 
above-mentioned transmission is carried out. 
[0083] The encrypted AV data Kco (D) transmitted to s 
the VTR apparatus 5 is sent to the MUX 54 via the D-l/F 
51. In addition, the encrypted contents key Kk (Kco) 
transmitted to the VTR apparatus 5 is sent to the key 
decrypting means 61 via the D-l/F 51 and the certified 
key exchanging means 52. The key decrypting means w 
61 decrypts the encrypted contents key Kk (Kco) to 
restore the contents key Kco by using the common key 
Kk stored in the VTR information storing means 71 , and 
sends it to the key encrypting means 62. The key 
encrypting means 62 encrypts the contents key Kco by is 
using the public key STB Pa inherent in the STB 1 and 
stored in the VTR information storing means 71 to gen- 
erate the encrypted contents key STB Pa (Kco), and 
sends it to the MUX 54. The encrypted AV data KCo (D) 
and the encrypted contents key STB Pa (Kco) sent to 20 
the MUX 54 are multiplexed in accordance with the for- 
mat of the recording medium 6, and then recorded on 
the recording medium 6 by the recording means 55. 
10084] Next, the flow of data at the time when AV data 
recorded on the recording medium 6 is reproduced will 25 
be described below referring to FIG. 12. FIG. 12 is a 
flow chart showing the flow of data at the time when the 
data recording/reproducing system in accordance with 
the fifth embodiment of the present invention repro- 
duces data. As shown in FIG. 12, in the present embod- 30 
iment, the encrypted contents key STB Pa (Kco) having 
been recorded is not restored in the VTR apparatus 5 
but sent to the key decrypting means 16 of the STB 1 , 
and restored herein to the contents key Kco by using the 
secret key STB Sa inherent in the STB 1 and stored in 35 
the STB information storing means 17. Means and the 
like not required for reproduction are omitted as appro- 
priate from the configuration shown in FIG. 1. In other 
words, the flow of data at the time of reproducing the AV 
data is the same as that of the first embodiment shown 40 
in FIG. 3. 

[0085] By recording/reproducing the AV data in 
accordance with the above-mentioned procedure, the 
encrypting of the contents key at the STB 1 on the trans- 
mission side to the VTR apparatus 5 is carried out dur- 45 
ing AV data recording by using the common key which 
causes a less burden; therefore, the burden to the STB 
1 having an increased burden due to the concurrent 
encrypting of the AV data and the contents key can be 
decreased; for this reason, it is understood that the data so 
recording/ireproducing system of the present embodi- 
ment can reproduce only the specific object, thereby 
becoming a data recording/reproducing system wherein 
encrypting-related information is less likely to leak out- 
side, and furthermore that the system is capable of hav- 55 
ing higher recording efficiency by smoothing the burden 
to the STB 1 and the VTR apparatus 5, in comparison 
with the data recording/reproducing system of the first 


embodiment. 

[0086] In the present embodiment, it is explained that 
the public key and the secret key of the present inven- 
tion are keys inherent in the tuner apparatus (STB 1) of 
the present invention, just as in the case of the first 
embodiment; however, without being limited to this, just 
as in the case of one of the second to fourth embodi- 
ments, fa example, the keys may be keys inherent in 
the device model of the tuner apparatus (STB 1) of the 
present invention, inherent in the user ID recorded on 
the IC card of the present invention, and inherent in the 
service recorded on the IC card of the present invention. 
[0087] Furthermore, it is explained that the public key 
information of the present invention is stored in the VTR 
information storing means 71 in the case of the present 
embodiment; however, without being limited to this, the 
information may be sent from the STB 1 at the start of 
recording, for example. 

[0088] It is also possible to use the configuration 
shown in FIG. 13, wherein the key encrypting means 31 
and the key decrypting means 61 are omitted from the 
data recording/reproducing system of the present 
embodiment. With this configuration, data transmission 
is carried out without encrypting the contents key at the 
time of data transmission from the tuner apparatus to 
the VTR apparatus of the present invention. This kind of 
configuration is particularly effective when applied to the 
data recording/reproducing system provided with an 
integrated STB wherein the functions of the STB and 
the VTR apparatus are integrated, just as in the case of 
an eighth embodiment described later. The data record- 
ing/reproducing system having the configuration shown 
in FIG. 13 will be described below. 
[0089] FIG. 1 4 shows the flow of data at the time when 
AV data is recorded on the recording medium 6 in the 
data recording/reproducing system having the configu- 
ration shown in FIG. 13. In FIG. 14, means and the like 
not required for reproduction are omitted as appropriate 
from the configuration shown in FIG. 13. In addition, the 
reference encrypts in the figure are the same as those 
used in FIGS. 11 and 12. 

[0090] The AV data D, decrypted as broadcasting 
radio waves and multiplexed, is received via the 
antenna 3, demodulated by the receiving/demodulating 
means 21 and decrypted by the broadcasting descranv 
bling means 20 with respect to encrypts for broadcast- 
ing, demultiplexed by the DMUX 23 to become plain AV 
data D, and then sent to the video decoder 11, the audio 
decoder 12 and the contents encrypting means 13. The 
video decoder 11 and the audio decoder 12 decode 
highly efficient coding and the like given to the AV data 
D, and output data to the display 4. The contents 
encrypting means 13 generates contents key Kco, and 
encrypts the AV data D by using the generated contents 
key Kco, thereby to generate encrypted AV data Kco 
(D). 

[0091] The encrypted AV data Kco (D) and the con- 
tents key Kco are transmitted to the VTR apparatus 5 
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(Kco) is sent to the key decrypting means 32 via the D- 
l/F 18 and the certified key exchanging means 19. The 
key decrypting means 32 decrypts the encrypted con- 
tents key Kk (Kco) to restore the contents key Kco by 
using the common key Kk stored in the STB information 
storing means 1 7, and sends it to the contents decrypt- 
ing means 14. The contents decrypting means 14 out- 
puts the AV data D obtained by decrypting the 
encrypted AV data Kco (D) by using the restored con- 
tents key Kco to the video decoder 11 and the audio 
decoder 12. The video decoder 11 and the audio 
decoder 12 decode highly efficient coding and the like 
given to the AV data D, and output data to the display 4. 
[0108] By recording/reproducing the AV data in 
accordance with the above-mentioned procedure, the 
contents key, used to encrypt the AV data, is encrypted 
by using the public key inherent in the VTR apparatus 5, 
and recorded together with the encrypted AV data on 
the recording medium; and during reproduction, the 
encrypted contents key is restored by using the secret 
key inherent in the VTR apparatus 5; for this reason, 
only the system having the secret key inherent in the 
VTR apparatus 5, that is, only the system provided with 
the VTR apparatus 5 itself can carry out reproduction; 
therefore, it is understood that the data recording/repro- 
ducing system of the present embodiment can repro- 
duce only the specific object, thereby becoming a data 
recording/reproducing system wherein encrypting- 
related information is less likely to leak outside. 
[0109] Furthermore, as shown in FIG. 18, it is possible 
to have a configuration wherein the key encrypting 
means 31, the key decrypting means 32, the key 
decrypting means 61 and the key encrypting means 63 
are omitted from the data recording/reproducing system 
of the present embodiment. With this configuration, the 
data transmission between the tuner apparatus and the 
VTR apparatus of the present invention can be carried 
out without encrypting the contents key. The data 
recording/reproducing system having the configuration 
shown in FIG. 13 will be described below. 
[01 10] FIG. 1 9 shows the flow of data at the time when 
AV data is recorded on the recording medium 6 in the 
data recording/reproducing system having the configu- 
ration shown in FIG. 18. In FIG. 19, means or the like 
not required for reproduction are omitted as appropriate 
from the configuration shown in FIG. 18. Reference 
encrypts in the figure are the same as those used in 
FIGS. 16 and 17. 

[0111] The AV data D, encrypted as broadcasting 
radio waves and multiplexed, is received via the 
antenna 3, demodulated by the receiving/demodulating 
means 21 and decrypted by the broadcasting descram- 
bling means 20 with respect to encrypts for broadcast- 
ing, demultiplexed by the DMUX 23 to become plain AV 
data D, and then sent to the video decoder 1 1 , the audio 
decoder 12 and the contents encrypting means 13. The 
video decoder 11 and the audio decoder 12 decode 
highly efficient coding and the like given to the AV data 


D, and output data to the display 4. The contents 
encrypting means 13 generates the contents key Kco, 
encrypts the AV data D by using the generated contents 
key Kco to generate encrypted AV data Kco (D). 

s [01 12] The encrypted AV data Kco (D) and the con- 
tents key Kco are transmitted to the VTR apparatus 5 
via the D-l/F 18 and via the certified key exchanging 
means 19 and the D-l/F 18, respectively; however, 
before the transmission, the certified key exchanging 

10 means 19 and 52 corresponding to the STB 1 and the 
VTR apparatus 5, respectively, exchange their certified 
keys via the D-I/Fs 18 and 51 to confirm that they are 
parties transmittable to each other, and the above-men- 
tioned transmission is carried out. 

15 [01 1 3] The encrypted AV data Kco (D) transmitted to 
the VTR apparatus 5 is sent to the MUX 54 via the D-l/F 
51. In addition, the contents key Kco transmitted to the 
VTR apparatus 5 is sent to th$ key encrypting means 62 
via the D-l/F 51 and the certified key exchanging means 

20 52. The key encrypting means 62 encrypts the contents 
key Kco by using the public key VTR Pa inherent in the 
VTR apparatus 5 and stared in the VTR information 
storing means 71 to generate the encrypted contents 
key VTR Pa (Kco) and sends it to the MUX 54. The 

25 encrypted AV data Kco (D) and the encrypted contents 
key VTR Pa (Kco) sent to the MUX 54 are multiplexed in 
accordance with the format of the recording medium 6 t 
and then recorded on the recording medium 6 by the 
recording means 55. 

30 [01 1 4] Next, the flow of data at the time when AV data 
recorded on the recording medium 6 in the data record- 
ing/reproducing system having the configuration shown 
in FIG. 18 is reproduced will be described below refer- 
ring to FIG. 20. In FIG. 20, means and the like not 

35 required for reproduction are omitted as appropriate 
from the configuration shown in FIG. 18. Furthermore, 
the reference encrypts in the figure are the same as 
those used in FIGS. 16 and 17. 
[0115] The encrypted AV data Kco (D) and the 

40 encrypted contents key VTR Pa (Kco). multiplexed and 
recorded on the recording medium 6, are reproduced by 
the reproducing means 58, and demultiplexed by the 
DMUX 57. The demultiplexed encrypted contents key 
VTR Pa (Kco) is sent to the key decrypting means 64, 

45 The key decrypting means 64 decrypts the encrypted 
contents key VTR Pa (Kco) to restore the contents key 
Kco by using the secret key VTR Sa inherent in the VTR 
apparatus 5 and stored in the VTR information storing 
means 71. 

so [01 1 6] The demultiplexed encrypted AV data key Kco 
(D) and the restored contents key Kco are transmitted to 
the STB 1 via the D-l/F 51 and via the certified key 
exchanging means 52 and the D-l/F 51 , respectively; 
however, before the transmission, the certified key 

55 exchanging means 1 9 and 52 corresponding to the STB 
1 and the VTR apparatus 5, respectively, exchange their 
certified keys via the D-I/Fs 18 and 51 to confirm that 
they are parties transmittable to each other, and the 
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ing/reproducing system in accordance with the sixth 
embodiment of the present invention records data. In 
FIG. 16, means and the like not required for recording 
are omitted as appropriate from the configuration shown 
in FIG. 15. The reference encrypts in the figure are the 5 
same as those used in FIGS. 2 and 3 t except for those 
explained newly. Kk represents a common key that is 
common to the STB 1 and the VTR apparatus 5 and 
used to encrypt the contents key Kco, Kk (Kco) repre- 
sents a encrypted contents key obtained by encrypting 10 
the contents key Kco by using the common key Kk, VTR 
Pa represents a public key inherent in the VTR appara- 
tus 5 and used to encrypt the contents key Kco, and 
VTR Pa (Kco) represents a encrypted contents key 
obtained by encrypting the contents key Kco by using 1S 
the public key VTR Pa, respectively. Furthermore, just 
as in the case of the first embodiment, by switching the 
contents key Kco at regular or irregular intervals, the 
data recording/reproducing system in accordance with 
the present embodiment becomes a system wherein 20 
encrypting-related information is less likely to leak out- 
side, in comparison with the case wherein the switching 
is not carried out. 

[0101] The AV data D p decrypted as broadcasting 
radio waves and multiplexed, is received via the 2s 
antenna 3, demodulated by the receiving/demodulating 
means 21 and decrypted by the broadcasting descram- 
bling means 20 with respect to encrypts for broadcast- 
ing, demultiplexed by the DMUX 23 to become plain AV 
data D, and then sent to the video decoder 1 1 , the audio 30 
decoder 12 and the contents encrypting means 13. The 
video decoder 11 and the audio decoder 12 decode 
highly efficient coding and the like given to the AV data 
D. and output data to the display 4. The contents 
encrypting means 13 generates the contents key Kco, 35 
encrypts the AV data D by using the generated contents 
key Kco to generate encrypted AV data Kco (D). The 
generated contents key Kco is sent to the key encrypt- 
ing means 31. and the key encrypting means 31 
encrypts the contents key Kco by using the common key 40 
Kk common to the STB 1 and the VTR apparatus 5 and 
stored in the STB information storing means 17 to gen- 
erate the encrypted contents key Kk (Kco). 
[0102] The encrypted AV data Kco (D) and the 
encrypted contents key STB Pa (Kco) are transmitted to 45 
the VTR apparatus 5 via the D-l/F 18 and via the certi- 
fied key exchanging means 1 9 and the D-l/F 1 8, respec- 
tively; however, before the transmission, the certified 
key exchanging means 19 and 52 corresponding to the 
STB 1 and the VTR apparatus 5, respectively, exchange so 
their certified keys via the D-I/Fs 18 and 51 to confirm 
that they are parties transmittable to each other, and the 
above-mentioned transmission is carried out. 
[0103] The encrypted AV data Kco (D) transmitted to 
the VTR apparatus 5 is sent to the MUX 54 via the D- l/F ss 
51. In addition, the encrypted contents key Kk (Kco) 
transmitted to the VTR apparatus 5 is sent to the key 
decrypting means 61 via the D-l/F 51 and the certified 


key exchanging means 52. The key decrypting means 
61 decrypts the encrypted contents key Kk (Kco) to 
restore the contents key Kco by using the common key 
Kk stored in the VTR information storing means 71 and 
sends it to the key encrypting means 62. The key 
encrypting means 62 encrypts the contents key Kco by 
using the public key VTR Pa inherent in the VTR appa- 
ratus 5 and stored in the VTR information storing means 
71 to generate the encrypted contents key VTR Pa 
(Kco) and sends it to the MUX 54. The encrypted AV 
data Kco (D) and the encrypted contents key VTR Pa 
(Kco) sent to the MUX 54 are multiplexed in accordance 
with the format of the recording medium 6, and then 
recorded on the recording medium 6 by the recording 
means 55. 

[01 04] Next, the flow of data at the time when AV data 
recorded on the recording medium 6 is reproduced will 
be described below referring to FIG. 17. FIG. 17 is a 
flow chart showing the flow of data at the time when the 
data recording/reproducing system in accordance with 
the sixth embodiment of the present invention repro- 
duces data. In FIG. 17, means and the like not required 
for reproduction are omitted as appropriate from the 
configuration shown in FIG. 15. VTR Sa corresponds to 
the public key VTR Pa, and represents a secret key 
inherent in the VTR apparatus 5 and used to decrypt the 
encrypted contents key VTR Pa (Kco) to restore the 
contents key Kco. The other reference encrypts in the 
figure are the same as those used in FIG. 16. 
[0105] The encrypted AV data Kco (D) and the 
encrypted contents key VTR Pa (Kco), multiplexed and 
recorded on the recording medium 6, are reproduced by 
the reproducing means 58, and demultiplexed by the 
DMUX 57. The demultiplexed encrypted contents key 
VTR Pa (Kco) is sent to the key decrypting means 64. 
The key decrypting means 64 decrypts the encrypted 
contents key VTR Pa (Kw) to restore the contents key 
Kco by using the secret key VTR Sa inherent in the VTR 
apparatus 5 and stored in the VTR information storing 
means 71 , and sends it to the key encrypting means 63. 
The key encrypting means 63 encrypts the contents key 
Kco by using the common key Kk stored in the VTR 
information storing means 71 to generate the encrypted 
contents key Kk (Kco). 

[0106] The demultiplexed encrypted AV data Kco (D) 
and the generated encrypted contents key Kk (Kco) are 
transmitted to the STB 1 via the D-l/F 51 and via the cer- 
tified key exchanging means 52 and the D-l/F 51. 
respectively; however, before the transmission, the cer- 
tified key exchanging means 19 and 52 corresponding 
to the STB 1 and the VTR apparatus 5. respectively, 
exchange their certified keys via the D-I/Fs 18 and 51 to 
oonfirm that they are parlies transmittable to each other, 
and the above-mentioned transmission is carried out 
just as in the case of recording. 
[01 07] The encrypted AV data Kco (D) transmitted to 
the STB 1 is sent to the contents decrypting means 14 
via the D-l/F 18, and the encrypted contents key Kk 
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recording/reproducing system in accordance with the 
first embodiment in that the present system is provided 
with an integrated STB 7 having integrated functions of 
the STB 1 and the VTR apparatus 5, whereby the D-I/Fs 
18 and 51 provided for the data recording/reproducing 
system in accordance with the first embodiment are 
omitted. 

[0127] Just as in the case of the first embodiment, 
when billing information is recorded in the STB informa- 
tion storing means 17 for example, the IC card 2 and the 
card reading means 10 may be omitted from the data 
recording/reproducing system in accordance with the 
present embodiment. 

[0128] Next, the operations of the present embodi- 
ment will be described below. 
[0129] First, the flow of data at the time when AV data 
is recorded on the recording medium 6 will be described 
below referring to FIG. 24. FIG. 24 is a flow chart show- 
ing the flow of data at the. time when the data record- 
ing/reproducing system in accordance with the eighth 
embodiment of the present invention records data. In 
FIG. 24, means and the like not required for recording 
are omitted as appropriate from the conf iguration shown 
in FIG. 23. Furthermore, the reference encrypts in the 
figure are the same as those used in FIGS. 2 and 3, and 
STB Pa represents a public key inherent in the inte- 
grated STB 7 and used to encrypt the contents key Kco. 
Furthermore, just as in the case of the first embodiment, 
by switching the contents key Kco at regular or irregular 
intervals, the data recording/reproducing system in 
accordance with the present embodiment becomes a 
system wherein encrypting-related information is less 
likely to leak outside. 

[0130] The AV data D, encrypted as broadcasting 
radio waves and multiplexed, is received via the 
antenna 3, demodulated by the receiving/demodulating 
means 21 and decrypted by the broadcasting descram- 
biing means 20 with respect to encrypts for broadcast- 
ing, demultiplexed by the DMUX 23 to become plain AM 
data D, and then sent to the video decoder 11 , the audio 
decoder 12 and the contents encrypting means 13. The 
video decoder 11 and the audio decoder 12 decode 
highly efficient coding and the like given to the AV data 
D, and output data to the display 4. The contents 
encrypting means 13 generates the contents key Kco, 
encrypts the AV data D by using the generated contents 
key Kco to generate encrypted AV data Kco (D). The 
generated contents key Kco is sent to the key encrypt- 
ing means 15, and the key encrypting means 15 
encrypts the contents key Kco by using the public key 
STB Pa inherent in the integrated STB 7 and stored in 
the STB information storing means 17 to generate the 
encrypted contents key STB Pa (Kco). 
[01 31 ] The generated encrypted AV data Kco (D) and 
the encrypted contents key STB Pa (Kco) are respec- 
tively sent to the MUX 54 and multiplexed in accordance 
with the format of the recording medium 6, and then 
recorded on the recording medium 6 by the recording 


means 55. 

[01 32] Next, the flow of data at the time when AV data 
recorded on the recording medium 6 is reproduced will 
be described below referring to FIG. 25. FIG. 25 is a 

5 flow chart showing the flow of data at the time when the 
data recording/reproducing system in accordance with 
the eighth embodiment of the present invention repro- 
duces data. In FIG. 25, means and the like not required 
for reproduction are omitted as appropriate from the 

10 configuration shown in FIG. 23. Although the reference 
encrypts in the figure are the same as those used in 
FIGS. 2 and 3, STB Sa corresponds to the public key 
STB Pa and represents a secret key inherent in the inte- 
grated STB 7 and used to decrypt the encrypted cen- 
ts tents key STB Pa (Kco) to restore the contents key Kco. 
[0133] The encrypted AV data Kco (D) and the 
encrypted contents key STB Pa (Kco), multiplexed and 
recorded on the recording medium 6, are reproduced by 
the reproducing means 58, and demultiplexed by the 

20 DMUX 57. 

[0134] The demultiplexed AV data Kco (D) is sent to 
the contents decrypting means 14, and the demulti- 
plexed encrypted contents key STB Pa (Kco) is sent to 
the key decrypting means 16. The key restoring means 

25 1 6 decrypts the encrypted contents key STB Pa (Kco) to 
restore the contents key Kw by using the secret key 
STB Sa inherent in the integrated STB 7 and stored in 
the STB information storing means 1 7, and sends it to 
the contents decrypting means 14. The contents 

30 decrypting means 14 outputs the AV data D obtained by 
decrypting the encrypted AV data Kco (D) by using the 
restored contents key Kco to the video decoder 1 1 and 
the audio decoder 12. The video decoder 11 and the 
audio decoder 12 decode highly efficient coding and the 

35 like given to the AV data D, and output data to the dis- 
play 4. 

[0135] By recording/reproducing the AV data in 
accordance with the above-mentioned procedure, the 
burden to the data transmission between the appara- 

40 tuses can be omitted; therefore, it is understood that the 
data recording/reproducing system in accordance with 
the present embodiment can reproduce only the spe- 
cific object, that the data recording/reproducing system 
is a system wherein encrypting-related information is 

45 less likely to leak outside, and that the system can have 
higher recording efficiency in comparison with the data 
recording/reproducing system of the first embodiment. 
[0136] In the present embodiment, it is explained that 
the public key and the secret key of the present inven- 

so tion are keys inherent in the integrated STB 7; however, 
without being limited to this, the keys may be keys inher- 
ent in the device model of the integrated STB 7, inherent 
in the user ID recorded on the IC card and inherent in 
the service recorded on the IC card of the present 

55 invention, just as in the case of one of the second to 
fourth embodiments. 

[0137] Furthermore, in the first to eighth embodi- 
ments, it is explained that the contents key of the 
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above-mentioned transmission is carried out just as in 
the case of recording. 

[01 1 7] The encrypted AV data Kco (D) transmitted to 
the STB 1 is sent to the contents decrypting means 14 
via the D-l/F 18, and the contents key Kco is sent to the s 
contents decrypting means 14 via the D-l/F 18 and the 
certified key exchanging means 19. respectively. The 
contents decrypting means 14 outputs the AV data D 
obtained by decrypting the encrypted AV data Kco (D) 
by using the contents key Kco to the video decoder 1 1 w 
and the audio decoder 12. The video decoder 11 and 
the audio decoder 1 2 decode highly efficient coding and 
the like given to the AV data D, and output data to the 
display 4. 

[01 1 8J The STB information storing means 1 7 and the is 
VTR information storing means 71 are not required to 
hold the information of the common key held in the con- 
figuration shown in FIG. 15 

[01 1 91 By recording/reproducing the AV data in 
accordance with the above-mentioned procedure, the 20 
data transmission between the STB 1 and the VTR 
apparatus 5 can be carried out without encrypting the 
contents key; therefore, the burden to the STB 1 and the 
VTR apparatus 5 during recording/reproduction can be 
further decreased; for this reason, it is understood that 25 
the data recording/reproducing system having the con- 
figuration shown in FIG. 18 is capable of having higher 
recording efficiency in comparison with the data record- 
ing/reproducing system having the configuration shown 
in FIG. 15. However, in comparison with the data 30 
recording/reproducing system having the configuration 
shown in FIG. 15, the present system is low in security 
for data transmission between the STB 1 and the VTR 
apparatus 5. This kind of configuration is particularly 
effective when applied to the data recording/reproduc- 35 
ing system provided with an integrated STB wherein the 
functions of the STB and the VTR apparatus are inte- 
grated, just as in the case of an eighth embodiment 
described later. 


(Seventh embodiment) 


40 


[0120] A seventh embodiment in accordance with the 
present invention will be described below referring to 
the drawings. The present embodiment differs from the 4s 
above-mentioned first embodiment in that the contents 
key is encrypted/decrypted by using a common key 
instead of using the public key and the secret key. For 
this reason, the same components as those used for the 
first embodiment are designated by the same reference so 
codes, and the explanations of these components are 
omitted. Furthermore, components not described spe- 
cifically are the same as those of the first embodiment. 
[0121 ] The configuration of the data recording/repro- 
ducing system in accordance with the present embodi- ss 
ment is the same as the configuration of the data 
recording/reproducing system in accordance with the 
first embodiment 


[01 22] The operations of the present embodiment will 
be described below. 

[0123] FIG. 21 is a flow chart showing the flow of data 
at the time when the data recording/reproducing system 
in accordance with the seventh embodiment of the 
present invention records data. FIG. 22 is a flow chart 
showing the flow of data at the time when the data 
recording/reproducing system in accordance with the 
seventh embodiment of the present invention repro- 
duces data. As shown in FIGS. 21 and 22, the present 
embodiment is the same as the data recording/repro- 
ducing system of the first embodiment except that the 
common key Kk stored in the STB information storing 
means 17 is used to encrypt and decrypt the contents 
key Kco. The common key Kk is a key inherent in the 
STB 1 , the device model of the STB 1 , user ID or serv- 
ice, for example. In addition, the common key Kk may be 
recorded on the IC card 2. When the common key Kk is 
not recorded on the IC card 2, and when billing informa- 
tion is recorded in the STB information storing means 
17 for example, the card reading means 10 may be 
omitted. Furthermore, when the common key Kk is not 
recorded in the STB storing means 1 1 , the STB storing 
means 1 1 may be omitted. 

[0124] By recording/reproducing the AV data in 
accordance with the above-mentioned procedure, the 
pifclic key is not used to encrypt the contents key; for 
this reason, it is understood that the data record- 
ing/reproducing system of the present embodiment is 
capable of having a shorter key data length in compari- 
son with the data recording/reproducing system of the 
first embodiment, thereby being capable of attaining 
higher recording efficiency and smaller apparatus size. 

(Eighth embodiment) 

[0125] An eighth embodiment in accordance with the 
present invention will be described below referring to 
the drawings. The present embodiment differs from the 
above-mentioned first embodiment in that, although the 
data recording/reproducing system of the first embodi- 
ment is provided with the tuner apparatus and the VTR 
apparatus of the present invention, the data record- 
ing/reproducing system of the present embodiment is 
provided with an apparatus having integrated functions 
of the above-mentioned tuner apparatus and the above- 
mentioned VTR apparatus. For this reason, the same 
components as those used for the first embodiment are 
represented by the same reference codes, and the 
explanations of these components are omitted. Further- 
more, components not described specifically are the 
same as those of the first embodiment. 
[0126] FIG. 23 is a configuration view showing the 
configuration of the data recording/reproducing system 
in accordance with the eighth embodiment of the 
present invention. The configuration of the data record- 
ing/reproducing system in accordance with the present 
embodiment differs from the configuration of the data 
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the timer. 

[0150] The key encrypting means 70 is a means 
wherein the contents Key Kco is input from the first key 
generating means 80, the key-encrypting key Kx is input 
from the KxFlFO 85, and the contents key Kco is 
encrypted by using the key-encrypting key Kx. In the fol- 
lowing descriptions, the contents key Kco encrypted by 
using the key-encrypting key Kx is referred to as Kx 
(Kco). 

[01 51 ] The relationship information generating means 
84 is a means wherein information regarding the 
date/time of the generation of the key-encrypting key Kx 
4 is generated as information for establishing the rela- 
tionship between the AV data Kco (D) encrypted by the 
contents key Kco and the key-encrypting key Kx used to 
encrypt the contents key Kco. 
[01 52] The MUX 54 is a means wherein the encrypted 
AV data Kco (D) is input from the contents encrypting 
means 13, Kx (Kco) is input from the key encrypting 
means 70. the date/time information is input from the 
relationship information generating means 84, and 
these are recorded on the recording medium 6. 
[0153] The DMUX 57 is a means wherein the 
encrypted AV data Kco (D), Kx (Kco) and the date/time 
information, having been recorded on the recording 
medium 6, are input and demultiplexed. 
[0154] The key-encrypting key obtaining means 82 is 
a means wherein the date/time information is input from 
the DMUX 57, the key-encrypting key Kx corresponding 
to the encrypted AV data Kco (D) to be reproduced is 
specified on the basis of the date/time information, and 
the specified key-encrypting key Kx is obtained from the 
KxFlFO 85. 

[0155] The Kx latch means 86 is a means wherein the 
key-encrypting key Kx is input from the key-encrypting 
key obtaining means 82, latched and output to the key 
decrypting means 71. 

[0156] The key decrypting means 71 is a means 
wherein Kx (Kco) is input from the DMUX 57, the key- 
encrypting key Kx is input from the Kx latch means 86, 
and Kx (Kco) is decrypted by using the key-encrypting 
key Kx to restore the contents key Kco. 
[01 57] The contents decrypting means 1 4 is a means 
wherein the encrypted AV data Kco (D) is input from the 
DMUX 57, the contents key Kco is input from the key 
decrypting means 71 , and the AV data Kco (D) 
encrypted by using the contents key Kco is decrypted. 
[0158] The video decoder 1 1 is a means wherein the 
video data from the DMUX 23 is decrypted. 
[0159] The audio decoder 1 2 is a means wherein the 
audio data from the DMUX 23 is decrypted. 
[0160] The contents encrypting means 13 is used as 
the contents encrypting means of claim 39 of the 
present invention, the second key generating means 81 
is used as the key-encrypting key generating means 
thereof, the KxFlFO 85 is used as the storing means 
thereof, the key encrypting means 70 is used as the key 
encrypting means thereof, the relationship information 


generating means 84 is used as the relationship infor- 
mation generating means thereof, and the MUX 54 is 
used as the recording means thereof. Furthermore, in 
the present embodiment, the first key generating means 

5 80 is used as the contents key generating means of 
claim 44 of the present invention. Moreover, the key- 
encrypting key obtaining means 82 is used as the key- 
encrypting key obtaining means of claim 45 of the 
present invention, the key decrypting means 71 is used 

jo as the key decrypting means thereof, and the contents 
decrypting means 1 4 is used as the contents decrypting 
means thereof. 

[01 61 ] Next, the operations of the recording apparatus 
in accordance with the ninth embodiment of the present 

is invention will be described below. 

[0162] First, the receiving/demodulating means 21 
receives digital video data, audio data, EMM (individual 
information), ECM (program information) and encrypted 
broadcasting scrambling key Ks from a broadcasting 

20 station, shapes the disturbances in the signal wave- 
forms of the video data and the audio data, and outputs 
the video data, audio data, EMM, ECM and encrypted 
broadcasting scrambling key Ks to the DMUX 23. 
[0163] Then, the DMUX 23 receives the video data, 

25 audio data, EMM, ECM and broadcasting scrambling 
key Ks from the receiving/demodulating means 21, 
demultiplexes them, and outputs the video data and 
audio data (AV data) to the broadcasting descrambling 
means 20. Furthermore, the means outputs the EMM to 

30 the EMM decrypting means 25, and also outputs the 
ECM and the encrypted broadcasting scrambling key 
Ks to the ECM decrypting means 24. 
[01 64] Next, the EMM decrypting means 25 receives 
the user ID key Km, also receives the EMM from the 

35 DMUX 23, decrypts the EMM by using the user ID key 
Km to generate the work key Kw, and outputs it to the 
ECM decrypting means 24. 

[0165] Furthermore, the ECM decrypting means 24 
receives the work key Kw from the EMM decrypting 

40 means 25, also receives the ECM and the encrypted 
broadcasting scrambling key Ks from the DMUX 23, 
decrypts the ECM by using the work key Kw to restore 
the encrypting of the encrypted broadcasting scram- 
bling key Ks, and outputs it to the broadcasting scram- 

45 Wing means 20. 

[01 66] And the broadcasting descrambling means 20 
receives the broadcasting scramble key Ks from the 
ECM decrypting means 24 and also receives scrambled 
AV data from the DMUX 23, and then descrambles the 

so scrambled AV data by using the broadcasting scram- 
bling key Ks. Furthermore, the broadcasting descram- 
bling means 20 outputs the descrambled AV data to the 
DMUX 23 or the contents encrypting means 13. The 
broadcasting descrambling means 20 outputs the AV 

55 data to DMUX 23 when the AV data is directly shown on 
the display 4 in real time, and outputs the AV data to the 
contents encrypting means 13 when the AV data is 
recorded on the recording medium 6. However, the AV 
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present invention is switched at regular or irregular 
intervals; if the same contents key is used, the encrypt- 
ing-related information is more likely to leak outside 
than the case of the switching at regular or irregular 
intervals; however, it is still possible to say that the sys- 5 
tern is a system wherein the encrypting-related informa- 
tion is less likely to leak, in comparison with the 
conventional data recording/reproducing system. 
[0138] Moreover, it is explained that, in the above- 
mentioned first to eighth embodiments, the second 10 
encrypting in accordance with the present invention is 
carried out by using the keys (the public key and the 
common key) different from the contents key used for 
the first encrypting in accordance with the present 
invention; however, without being limited to this, the sec- is 
ond encrypting may be applied to the contents key itself 
by using the same algorithm as that corresponding to 
the contents key used for the first encrypting. In addi- 
tion, the first encrypting may be carried out for digital 
data by using the common key as the contents key, and 20 
the second encrypting may be earned out by using the 
same common key as the above-mentioned common 
key, for example. Besides, the data recording/reproduc- 
ing system of the present invention is mainly explained 
in the descriptions of the first to eighth embodiments. 25 
and the data recording/reproducing methods of the 
present invention correspond to the methods explained 
in the above-mentioned descriptions. 

(Ninth embodiment) 30 

[01 39] First, the configurations of a recording appara- 
tus and a reproducing apparatus in accordance with a 
ninth embodiment of the present invention will be 
described. 35 
[0140] FIG. 26 is a block diagram showing the record- 
ing apparatus and the reproducing apparatus in accord- 
ance with the ninth embodiment of the present 
invention. The recording apparatus in accordance with 
the ninth embodiment of the present invention com- 40 
prises a first key generating means 80, a contents 
encrypting means 13, a second key generating means 
81 , a KxFIFO 85, a key encrypting means 70, a relation- 
ship information generating means 84 and an MUX 54. 
Furthermore, the reproducing apparatus in accordance 45 
with the ninth embodiment of the present invention com- 
prises a DMUX 57, a key-encrypting key obtaining 
means 82, a Kx latch means 86, a key decrypting 
means 71 and a contents decrypting means 14. Fur- 
thermore, in FIG. 26, a receiving/demodulating means so 
21 , a DMUX 23, an EMM decrypting means 25, an ECM 
decrypting means 24 t a broadcasting descramWing 
means 20, a video decoder 1 1 and an audio decoder 12 
are also shown. Moreover, a recording medium 6 used 
as a recording medium and a display 4 for showing 55 
images and outputting sound are also shown. 
[0141] The receiving/demodulating means 21 is a 
means wherein digital video data and audio data, EMM 


(individual information), ECM (program information) and 
encrypted broadcasting scrambling key Ks are input 
from a broadcasting station via a communications satel- 
lite, and all or parts of the signal waveforms of these are 
shaped. 

[0142] The DMUX 23 is a means wherein the video 
data, audio data, EMM, ECM and encrypted broadcast- 
ing scrambling key Ks, which have been input from the 
receiving/demodulating means 21 and waveform- 
shaped are demultiplexed, and the descramWed video 
data and audio data having been input from the broad- 
casting descramWing means 20 are also demultiplexed. 
Furthermore, the DMUX 23 is also a means wherein the 
video data and audio data having been input from the 
contents decrypting means 14 is demultiplexed. 
[0143] The EMM decrypting means 25 is a means 
wherein the user ID key Km is input, the EMM is input 
from the DMUX 23. and the EMM is decrypted by using 
the user ID key Km to generate the work key Kw. 
[0144] The ECM decrypting means 24 is a means 
wherein the work key Kw is input from the EMM decrypt- 
ing means 25, the ECM and the encrypted broadcasting 
scrambling key Ks are input from the DMUX 23, and the 
ECM is decrypted by using the work key Kw to restore 
the broadcasting scrambling key Ks. 
[0145] The broadcasting descramWing means 20 is a 
means wherein the broadcasting scrambling key Ks is 
input from the ECM decrypting means 24, the scram- 
Wed AV data is input from the DMUX 23, and the scram- 
bled AV data is descramWed by using the broadcasting 
scrambling key Ks. 

[0146] The first key generating means 80 is a means 
wherein the contents key Kco for encrypting again the 
AV data descramWed by the broadcasting descramWing 
means 20 is generated. 

[0147] The contents encrypting means 13 is a means 
wherein the AV data is input from the broadcasting 
descramWing means 20, the contents key Kco is input 
from the first key generating means 80, and the AV data 
D is encrypted by using the contents key Kco. In the fol- 
lowing descriptions, the AV data D encrypted by using 
the contents key Kco is referred to as Kco (D). 
[0148] The second key generating means 81 is a 
means wherein a key-encrypting key Kx for encrypting 
the contents key Kco generated by the first key generat- 
ing means 80 is generated. It is supposed that the sec- 
ond key generating means 81 generates different key- 
encrypting keys Kx, on every day, and that these differ- 
ent keys Kx are referred to as Kx1 , Kx2. Kx3 respec- 
tively. Furthermore, it is supposed that the key- 
encrypting keys Kx1, Kx2, Kx3, .... are each discarded 
in a week. 

[0149] The KxFIFO 85 is a means wherein the key- 
encrypting keys Kx1, Kx2, Kx3 are input from the 

second key generating means 81 and stored, and also 
a means having a first-in first-out function, wherein a 
timer is provided, and the key-encrypting keys Kx, hav- 
ing passed one week after input, are discarded by using 


17 


37 


EP0 989 557A1 


38 


[0182] At the start, the case when the reproducing 
apparatus reproduces the encrypted AV data Kco (D) 
recorded on the recording medium 6 on January 1 will 
be described. 

[0183] First, from the recording medium 6, the DMUX 
57 receives the encrypted AV data Kco (D), Kx1 (Kco) 
and the date/time information of January 1 , recorded on 
January 1 , and demultiplexes them, and then outputs 
the date/time information of January 1 to the key- 
encrypting key obtaining means 82. 
[0184] Then, the key-encrypting key obtaining means 
82 receives the date/time information of January 1 , and 
specifies the key-encrypting key Kx1 on the basis of the 
date/time information, and retrieves the key-encrypting 
key Kx1 from the list of FIG. 27 (b) stored in the KxFIFO 
85. However, since more than one week has passed 
since the generation of the key-encrypting key Kx1 , it is 
discarded by the KxFIFO 85, and not present in the list 
of FIG. 27 (b). Therefore, the key-encrypting key obtain- 
ing means 82 cannot obtain the key-encrypting key Kx1 . 
As a result, the contents decrypting means 14 cannot 
decrypt the encrypted AV data Kco (D) recorded on 
January 1 , which is required to be decrypted by indi- 
rectly using the key-encrypting key Kx1 ; even if the AV 
data is output to the display 4, it cannot be decrypted, 
whereby the display 4 cannot output the images and 
sound of the original AV data. 
[0185] Next, the case when the reproducing appara- 
tus reproduces the encrypted AV data Kco (D) recorded 
on the recording medium 6 on January 3 will be 
described. 

[0186] First, from the recording medium 6, the DMUX 
57 receives the encrypted AV data Kco (D) recorded on 
January 3, Kx3 (Kco) and the date/time information of 
January 3, and demultiplexes them, and then outputs 
the date/time information of January 3 to the key- 
encrypting key obtaining means 14. 
[0187] Next, the key-encrypting key obtaining means 
14 receives the date/time information of January 3, and 
specifies the key-encrypting key Kx3 on the basis of the 
date/time information, and retrieves the key-encrypting 
key Kx3 from the list of FIG. 27 (b) stored in the KxFIFO 
85, obtains the key-encrypting key Kx3, and outputs it to 
the Kx latch means 86. 

[0188] Then, the Kx latch means 86 receives the key- 
encrypting key Kx3 and outputs it to the key decrypting 
means 71. Furthermore, the DMUX 57 outputs Kx3 
(Kco) to the key decrypting means 71 . 
[0189] And the key decrypting means 71 receives Kx3 
(Kco) from the DMUX 57 and the key-encrypting key 
Kx3 from the Kx latch means 86, decrypts Kx3 (Kco) by 
using the key-encrypting key Kx3 to restore the contents 
key Kco, and outputs the contents key Kco to the con- 
tents decrypting means 14. Furthermore, the DMUX 57 
outputs the encrypted AV data Kco (D) to the key 
decrypting means 71. 

[0190] Next, the contents decrypting means 14 
receives the encrypted AV data Kco (D) from the DMUX 


57 and the contents key Kco from the key decrypting 
means 71, decrypts the encrypted AV data Kco (D) by 
using the contents key Kco, and outputs the decrypted 
AV data to the DMUX 23. 

5 [0191] Then, the DMUX 23 receives the AV data D 
from the contents decrypting means 14, demultiplexes it 
to video data and audio data, outputs the video data to 
the video decoder 1 1 , and outputs the audio data to the 
audio decoder 12. Hereinafter, the video decoder 11 

io and the audio decoder 12 decode the video data and 
the audio data from the DMUX 23, respectively, and out- 
put data to the display 4. The display 4 then shows 
images and outputs sound. 

[01 92] In this way, each of the encrypted AV data Kco 

is (D) recorded on the recording medium 6 cannot be 
reproduced as original images and sound eventually, if 
the recording has not been carried out within one week. 
[0193] In the above-mentioned ninth embodiment, 
each of the encrypted AV data Kco (D) recorded on the 

20 recording medium 6 can be reproduced, if the recording 
has been carried out within one week; however, instead 
of limiting the period to one week or less, the number of 
reproductions for each of the encrypted AV data Kco (D) 
may be limited to once or three times, for example, so 

25 that reproduction cannot be carried out if the number of 
reproductions is not within the limited number of repro- 
ductions. In other words, as shown in FIG. 28, in the 
case when the reproducing apparatus of the present 
invention is provided with a counter 87, when the coun- 

30 ter 87 checks the number of reproductions of each of 
the encrypted AV data Kco (D), and when the number of 
reproductions reaches the limited reproduction number, 
once or three times, for example, the KxFIFO 85 may 
discard the key-encrypting key Kx corresponding to the 

35 encrypted AV data Kco (D). Furthermore, the above- 
mentioned limitation on period, such as one week or 
less, may be used together with the limitation on the 
number of reproductions. 

[0194] In addition, in the above-mentioned ninth 

40 embodiment, the KxFIFO 85 discards the stored key- 
encrypting keys Kx after a lapse of one week. However, 
it may be possible that the KxFIFO 85 does not discard 
but keeps storing the stored key-encrypting keys Kx 
even after one week, that the key-encrypting key obtain- 

45 ing means 82 judges whether the date on which the 
encrypted AV data Kco (D) is to be reproduced is within 
one week from the generation of the key-encrypting key 
Kx, or whether the number of reproductions is within the 
limitation, and that, if the date is within one week or if the 

so number of reproductions is within the limitation, the key- 
encrypting key Kx corresponding to the encrypted AV 
data Kco (D) to be reproduced can be obtained from the 
KxFIFO 85. Accordingly, in this case, the contents 
encrypting means 13 corresponds to the contents 

55 encrypting means of claim 46 of the present invention, 
the second key generating means 81 corresponds to 
the key-encrypting key generating means thereof, the 
KxFIFO 85 corresponds to the storing means thereof, 
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data recorded on the recording medium 6 is not the AV 
data itself input from the broadcasting descrambting 
means 20, but data subjected to contents encrypting 
again. 

[0167] First, the case when the broadcasting 
descrambting means 20 outputs the AV data to the 
DMUX 23 is explained. 

[0168] In this case, the DMUX 23 receives the AV data 
from the broadcasting descrambling means 20, demulti- 
plexes it to the video data and the audio data, outputs 
the video data to the video decoder 1 1 , and outputs the 
audio data to the audio decoder 12. Then, the video 
decoder 1 1 and the audio decoder 12 decode the video 
data and the audio data input from the DMUX 23, 
respectively, and outputs data to the display 4. And the 
display 4 shows images and outputs sound. 
[0169] Next, the case when the broadcasting 
descrambling means 20 outputs the AV data to the con- 
tents encrypting means 13 is explained. In other words, 
this is the case when the AV data is recorded on the 
recording medium 6 as described above. 
[0170] First, the contents encrypting means 13 
receives the descrambled AV data D from the broad- 
casting descrambling means 20. 
[0171] The first key generating means 80 generates 
the contents key Kco for encrypting the AV data D input 
from the contents encrypting means 13, and outputs it 
to the contents encrypting means 13 and the key 
encrypting means 70. 

[0172] Next, the contents encrypting means 13 
receives the contents key Kco from the first key gener- 
ating means 80, and encrypts the AV data D by using 
the contents key Kco. In other words, the Kco (D) is gen- 
erated. Then, the Kco (D) is output to the relationship 
information generating means 84 and the MUX 54. 
[0173] On the other hand, the second key generating 
means 81 generates the key-encrypting key Kx for 
encrypting the contents key Kco generated by the first 
key generating means 80. It is supposed that the key- 
encrypting key Kx generated by the second key gener- 
ating means 81 differs day by day. For convenience in 
explanation, it is hereafter supposed that the starting 
date of the operation of the recording apparatus is Jan- 
uary 1, 1998, and the current date when recording is 
carried out is January 4, 1998, three days after the start- 
ing date, and that as shown in the key-encrypting key Kx 
list of Fig. 27(a), the key-encrypting key Kx generated 
on January 1 is Kx1 , the key-encrypting key Kx gener- 
ated on January 2 is Kx2 and the key-encrypting key 

Kx generated on January 4 is Kx4. Furthermore, it is 
supposed that the key-encrypting key Kx is generated 
hereinafter in the same way. Besides, the operations of 
the recording apparatus on January 4 will be described 
hereinafter, unless otherwise specified. 
[0174] As shown in the list of FIG. 27 (a), from the sec- 
ond key generating means 81, the KxFIFO 85 has 
already received and stored the key-encrypting keys Kx, 
one on every day, starting from January 1, the KxFIFO 


85 thus has stored the key-encrypting keys, Kx1, Kx2 
and Kx3 until January 3, and the KxFIFO 85 then 
receives and stores Kx4 on the current date, January 4. 
The storage is carried out so that the newest key- 

s encrypting key Kx is placed at the top of the list of FIG. 
27 (a) at all times, and older ones are ranked lower in 
sequence. The KxFIFO 85 discards the stored key- 
encrypting keys Kx1, Kx2, .... one week after the stor- 
age of each key. For example, as shown in the list of 

w FIG. 27 (b), the key-encrypting keys Kx1 and Kx2 are 
discarded on January 9, and the KxFIFO 85 stores 

seven key-encrypting keys in the order of Kx9, Kx8 

Kx4 and Kx3. In other words, the number of the key- 
encrypting keys Kx stored in the KxFIFO 85 remains 

is seven. 

[01 75] Next, the key encrypting means 70 receives the 
contents key Kco from the first key generating means 
80, also receives the key-encrypting key Kx4 generated 
on January 4, the date of recording, from the second 

20 key generating means 81 via the KxFIFO 85, and 
encrypts the contents key Kco by using the key-encrypt- 
ing key Kx4. In other words, Kx4 (Kco) is generated. 
[0176] And the relationship information generating 
means 84 receives the encrypted AV data Kco (D) from 

25 the contents encrypting means 13 and the Kx4 (Kco) 
from the key encrypting means 70, and generates infor- 
mation indicating a date/time when the key-encrypting 
key Kx4 is generated as information for establishing the 
relationship between the key-encrypting key Kx4 and 

30 the AV data Kco (D) encrypted by using the contents 
key Kco encrypted by using the key-encrypting key Kx4. 
In other words, date/time information, January 4, is gen- 
erated. 

[0177] Hereafter, the MUX 54 receives the encrypted 

35 AV data Kco (D) from the contents encrypting means 
13, the Kx4 (Kco) from the key encrypting means 70 
and the date/time information, i.e., January 4, from the 
relationship information generating means 84, and then 
records them as one group. 

40 [01 78] In this way, Kxn (Kco) corresponding to the key- 
encrypting key Kxn (n = 1, 2, ...) generated on every 
day, i.e., on each day, the encrypted AV data Kco (D) 
and the date/time information , regarding the day are 
recorded as one group on the recording medium 6. 

45 [01 79] Next the operations of the reproducing appara- 
tus in accordance with the ninth embodiment of the 
present invention will be described below. 
[0180] In other words, the case of reproducing the 
encrypted AV data Kco (D) recorded on the recording 

so medium 6 by the recording apparatus will be described. 
[0181 ] For convenience in the following explanation, it 
is supposed that the date when the reproducing appara- 
tus reproduces the encrypted AV data Kco (D) on the 
recording medium 6 is January 9. Furthermore, it is sup- 

55 posed that the reproducing apparatus reproduces the 
encrypted AV data Kco (D) recorded on the recording 
medium 6 on January 1 and the encrypted AV data Kco 
(D) recorded on the recording medium 6 on January 3. 
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be a date/time when the contents encrypting means 13 
received the AV data D, a date/time when the contents 
encrypting means 13 encrypted the contents of the AV 
data D by using the contents key Kco, a date/time when 
the second key generating means 81 generated the 
key-encrypting key Kx. a date/time when the KxFIFO 85 
stored the key-encrypting key Kx, a date/time when the 
key encrypting means 70 encrypted the contents key 
Kco by using the key-encrypting key Kx, or a date/time 
when the MUX 54 recorded the encrypted AV data Kco 
(D) on the recording medium 6. Alternatively, the infor- 
mation may be information regarding the date/time 
when the above-mentioned key-encrypting key Kx was 
generated or the date/time when the contents encrypt- 
ing means 13 received the AV data D and a date/time 
when the AV data is to be reproduced. In this case, the 
key-encrypting key Kx is obtained, based on the fact 
that the ordinal ranks of the key-encrypting keys Kx in 
the key-encrypting key Kx list of FIG. 27 are lowered 
every day, and by considering the difference between 
the two date/time values. Alternatively, the relationship 
information of the present invention may be the number 
information or the like of the key-encrypting key Kx list of 
FIG. 27 on the basis of the date/time when the above- 
mentioned key-encrypting key Kx was generated, the 
date/time when the contents encrypting means 13 
received the AV data D and the date/time when the AV 
data is to be reproduced, and by considering the ordinal 
ranks of the key-encrypting keys Kx in the key-encrypt- 
ing key Kx list of FIG. 27 are lowered every day. 
[0201] Furthermore, in the above-mentioned ninth 
embodiment, the recording medium 6 is used as a 
recording medium; however, the recording medium is 
not limited to the recording medium 6, but may be a hard 
disk. 

[0202] Furthermore, in the above-mentioned ninth 
embodiment, the first key generating means 80 gener- 
ates the contents key Kco for encrypting the AV data D; 
however, the contents key Kco may be renewed at short 
intervals, lor example, several tens of seconds, so that it 
cannot be decrypted easily. 

[0203] Furthermore, before a key-encrypting key Kx is 
discarded or becomes unusable because a predeter- 
mined period, for example, one week, has passed after 
the generation of the key-encrypting key Kx, if the 
encrypted AV data Kco (D) corresponding to the key- 
encrypting key Kx has not been reproduced even once, 
the above-mentioned recording apparatus or the repro- 
ducing apparatus may be provided with a means lor 
notifying the fact to the user. 

INDUSTRIAL USABILITY 

[0204] As disclosed by the above descriptions, by 
encrypting data, the present invention in accordance 
with claim 1 can provide a data recording/reproducing 
method wherein only the specific object can be repro- 
duced and the above-mentioned encrypting-related 


information is less likely to leak outside. Furthermore, 
by encrypting data, the present invention in accordance 
with claim 4 can provide a data recording/reproducing 
system wherein only the specific object can be repro- 

5 duced and the above-mentioned encrypting-related 
information is less likely to leak outside. Moreover, the 
present invention in accordance with claim 22 or 23 can 
provide a data recording/reproducing method and a 
data recording/reproducing system capable of securely 

10 carrying out billing at the time of recording and/or repro- 
duction. In addition, the present invention in accordance 
with claim 30 can provide a data recording/reproducing 
system having less loss time at the time of reproduction. 
[0205] Moreover, the present invention can provide a 

is recording apparatus and a reproducing apparatus capa- 
ble of recording AV data on a recording medium and 
observing limitations on an effective reproduction period 
or an effective number of reproductions for the AV data. 
[0206] Besides, the program medium of the present 

20 invention may be a program medium, such as a CD- 
ROM, for storing programs for attaining all or parts of 
the components of the above-mentioned invention by 
using a computer. 

25 Claims 

1. A data recording/reproducing method wherein 
encrypted digital data obtained by subjecting digital 
data to first encrypting by using a contents key and 

30 encrypted contents key obtained by subjecting said 
contents key to second encrypting are recorded on 
a recording medium, said encrypted digital data 
and said encrypted contents key, having been 
recorded, are reproduced, and said encrypted dig- 

35 Hal data is decrypted by using said contents key 
obtained by decrypting said encrypted contents 
key, thereby to obtain said digital data. 

2. A data recording/reproducing method in accord- 
40 ance with claim 1 , wherein said encrypted contents 

key is recorded in a data area on said recording 
medium, from which data is output outside. 

3. A data recording/reproducing method in accord- 
45 ance with claim 1 or 2, wherein said contents key is 

switched at regular or irregular intervals. 

4. A data recording/reproducing system comprising a 
contents encrypting means for receiving digital data 

so and a contents key for encrypting said digital data 
and for subjecting said digital data to first encrypt- 
ing by using said contents key to generate 
encrypted digital data, a key encrypting means for 
subjecting said contents key to second encrypting 

55 to generate a encrypted contents key, a recording 
means for recording said encrypted digital data and 
said encrypted contents key on a recording 
medium, a reproducing means for reproducing said 
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the key encrypting means 70 corresponds to the key 
encrypting means thereof, the relationship information 
generating means 84 corresponds to the relationship 
information generating means thereof, and the MUX 54 
corresponds to the recording means thereof, respec- 5 
tively. Furthermore, the key-encrypting key obtaining 
means 82 corresponds to the key-encrypting key 
obtaining means of claim 50 of the present invention, 
the key decrypting means 71 corresponds to the key 
decrypting means thereof, and the contents decrypting 10 
means 14 corresponds to the contents decrypting 
means thereof, respectively. 

[0195] Furthermore, in the above-mentioned ninth 
embodiment, the first key generating means 80 gener- 
ates the contents key Kco for encrypting the AV data D is 
input by the contents encrypting means 13. However, it 
may be possible that the recording apparatus of the 
present invention is not provided with the first key gen- 
erating means 80 as shown in FIG. 29, that the contents 
encrypting means 13 receives the broadcasting scram- 20 
bling key Ks sent from a broadcasting station via the 
broadcasting descrambling means 20, and that the AV 
data D is encrypted by using the broadcasting scram- 
bling key Ks or a key obtained by processing the broad- 
casting scrambling key Ks. In this case, the key 25 
encrypting means 70 receives the broadcasting scram- 
bling key Ks or the key obtained by processing the 
broadcasting scrambling key Ks from the contents 
encrypting means 13, and decrypts it by using the key- 
encrypting key Kx. 30 
[0196] Furthermore, in the above-mentioned ninth 
embodiment, the AV data D is encrypted by using the 
contents key Kco from the first key generating means 
80. However, it may be possible that the recording appa- 
ratus of the present invention is not provided with the 35 
first key generating means 80 or the key encrypting 
means 15 as shown in FIG. 30, that the contents 
encrypting means 13 receives the key-encrypting key 
Kx from the second key generating means 81 via the 
KxFIFO 85, that the key-encrypting key Kx is used as 40 
the contents key Kx, and that the AV data D is encrypted 
by using the contents key Kx. In this case, the AV data 
D encrypted by using the contents key Kx, i.e., Kx (AV 
data) and the contents key Kx, are recordedcm the-- 
recording medium 6. Moreover, in this case, the repro- 45 
ducing apparatus of the present invention is not pro- 
vided with the key restoring means 16 as shown in FIG. 
30. Accordingly, in the case of reproducing Kx (AV 
data), the contents-key obtaining means 83 specifies 
the contents key Kx corresponding thereto, and obtains so 
it from the KxFIFO 85. Then, the contents decrypting 
means 14 receives Kx (AV data) from the recording 
medium 6 via the DMUX 57, also receives the contents 
key Kx from the key-encrypting key obtaining means 82 
via the Kx latch means 86, and decrypts the Kx (AV 55 
data) by using the contents key Kx. For this reason, in 
this case, that is, the second key generating means 81 
corresponds to the contents-key generating means of 


daims 53 and 20 of the present invention, the KxFIFO 
85 corresponds to the storing means thereof, the con- 
tents encrypting means 13 corresponds to the contents 
encrypting means thereof, the relationship information 
generating means 84 corresponds to the relationship 
information generating means thereof, and the DMUX 
23 corresponds to the recording means thereof. In addi- 
tion, the contents-key obtaining means 83 corresponds 
to the contents-key obtaining means in claims 57 and 
22 of the present invention, and the contents decrypting 
means 14 corresponds to the contents decrypting 
means thereof, respectively. 

[0197] Furthermore, as shown in Fig. 31, it may be 
possible that the recording apparatus of the above-men- 
tioned ninth embodiment is provided with a billing 
means 88, that in the case when the encrypted AV data 
Kco (D) is recorded on the recording medium 6, and 
when a predetermined amount of billing for the record- 
ing has been charged to the user, that is, only when a 
predetermined fee has been paid in advance by the 
user to a broadcasting station or the like, or only when 
the predetermined fee has been paid at least at the time 
of recording, the encrypted AV data Kco (D) can be 
recorded on the recording medium 6. Moreover, the bill- 
ing means 88 may not be disposed at the position 
shown in FIG. 31, but may be disposed between the key 
encrypting means 15 and the MUX 54. Briefly speaking, 
when the encrypted AV data Kco (D) is recorded on the 
recording medium 6, the billing means 88 should only 
charge the predetermined amount of billing for the 
recording, and may be disposed at any place. 
[0198] Furthermore, in the above-mentioned ninth 
embodiment, each key-encrypting key Kx is discarded 
after a lapse of one week; however, the date/time to be 
discarded is not limited to one week after generation, 
but may be one day or three days or 12 hours after gen- 
eration. In short, each key-encrypting key Kx should 
only be discarded after a lapse of a predetermined 
period after generation. 

[0199] Furthermore, in the above-mentioned ninth 
embodiment, the second key generating means 81 gen- 
erates different key-encrypting keys Kx, one on every 
day; however, the second key generating means 81 may 
geoefiate different key-encrypting keys Kx, one in every 
several hours on the same day. Moreover, the key- 
encrypting key Kx may be generated each time the 
encrypted AV data Kco (D) of a predetermined program 
is recorded on the recording medium 6. In other words, 
the key-encrypting key Kx may be generated each time 
when recording is started and finished. In short, the 
second key generating means 81 should only generate 
the key-encrypting key Kx for encrypting the contents 
key Kco of the encrypted AV data Kco to be recorded. 
[0200] Furthermore, in the above-mentioned ninth 
embodiment, the information of the date/lime when the 
key-encrypting key Kx is generated is used as the rela- 
tionship information of the present invention; however, 
the relationship information of the present invention may 
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model of said tuner apparatus. 

21. A data recording/reproducing system in accord- 
ance with claim 19, wherein said tuner apparatus 
has a card reading means capable of reading infor- 
mation recorded on an IC card, and said common 
key is inherent in the user ID recorded on said IC 
card or the service recorded on said IC card. 

22. A data recording/reproducing system in accord- 
ance with one of claims 6 to 21 , wherein said tuner 
apparatus generates and stores billing information 
at the time of recording by said recording medium. 

23. A data recording/reproducing system in accord- 
ance with one of claims 6 to 21 , wherein said tuner 
apparatus generates and stores billing information 
at the time of reproduction by said recording 
medium. 

24. A data recording/reproducing system in accord- 
ance with claim 23. wherein information required to 
generate said billing information is recorded on said 
recording medium at the time of recording by said 
recording medium, and said billing information is 
generated by using said required information at the 
time of reproduction by said recording medium. 

25. A data recording/reproducing system in accord- 
ance with claim 23 or 24, wherein the billing infor- 
mation is provided with limitation of the 
reproduction period of said recording medium . 

26. A data recording/reproducing system in accord- 
ance with one of claims 23 to 25, wherein the billing 
information is provided with limitation of the number 
of reproductions of said recording medium. 

27. A data recording/reproducing system in accord- 
ance with one of claims 22 to 26, wherein said tuner 
apparatus stores said billing information on said IC 
card. 

28. A data recording/reproducing system in accord- 
ance with one of claims 22 to 27, wherein said tuner 
apparatus outputs said billing information to a serv- 
ice provider via communications. 

29. A data recording/reproducing system in accord- 
ance with one of claims 4 to 28, wherein said 
encrypted contents key is recorded in a data area 
on said recording medium, from which data is out- 
put outside. 

30. A data recording/reproducing system in accord- 
ance with one of claims 4 to 29, wherein information 
regarding the inherence of said key subjected to 
said second encrypting is stored on said recording 


medium. 

31. A data recording/reproducing system in accord- 
ance with one of claims 4 to 30, wherein said con- 

s tents key is switched at regular or irregular 
intervals. 

32. A data recording/reproducing system in accord- 
ance with claim 31, wherein said recording medium 

10 is reproduced so that said encrypted contents key 
corresponding to said contents key after switching 
overlaps at least a part of said encrypted digital 
data corresponding to said contents key before 
switching with respect to timing. 

15 

33. A data recording/reproducing system in accord- 
ance with claim 31 or 32. wherein said recording 
medium is reproduced so that said encrypted con- 
tents key corresponding to one of said contents 

20 keys overlaps said encrypted digital data corre- 
sponding thereto with respect to timing. 

34. A data recording/reproducing system in accord- 
ance with one of claims 31 to 33, wherein, in the 

25 case when said tuner apparatus is provided, said 
tuner apparatus carries out said switching. 

35. A data recording/reproducing system in accord- 
ance with one of claims 31 to 34, wherein, in the 

30 case when said VTR is provided, said VTR appara- 
tus determines the reproduction timing of said 
encrypted contents key in response to said switch- 
ing. 

35 36. A data recording/reproducing system in accord- 
ance with one of claims 31 to 35, wherein said 
- encrypted digital data and said encrypted contents 
key are recorded at the recording position corre- 
sponding to said reproduction timing on said 

40 recording medium. 

37. A data recording/reproducing system in accord- 
ance with claim 36, wherein said switching timing is 
also recorded on said recording medium. 

45 

38. A data recording/reproducing system in accord- 
ance with one of claims 31 to 37, wherein, in the 
case when said tuner apparatus and said VTR are 
provided, said VTR apparatus outputs said con- 

so tents key for use after switching or said encrypted 
contents key corresponding thereto to said tuner 
apparatus, before outputting said encrypted digital 
data corresponding to said contents key for use 
after switching. 

55 

39. A recording apparatus comprising: 

a contents encrypting means for receiving dig- 
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encrypted digital data and said encrypted contents 
key from said recording medium, a key decrypting 
means for decrypting said encrypted contents key 
to restore said contents key, and a contents 
decrypting means for decrypting said encrypted 5 
digital data by using said contents key to obtain said 
digital data. 

5. A data recording/reproducing system in accord- 
ance with claim 4, wherein all of said means are 10 
provided for an integrated apparatus. 

6. A data recording/reproducing system in accord- 
ance with claim 4, wherein said receiving means, 
said contents encrypting means and said contents is 
decrypting means are provided for a tuner appara- 
tus, and said recording means and said reproduc- 
ing means are provided for a VTR apparatus. 

7. A data recording/reproducing system in accord- 20 
ance with claim 6 t wherein said second encrypting 

is carried out by using a public key, and said 
encrypted contents key is decrypted by using a 
secret key corresponding to said public key. 

25 

8. A data recording/reproducing system in accord- 
ance with claim 7, wherein said key decrypting 
means is provided for said tuner apparatus. 

9. A data recording/reproducing system in accord- so 
ance with claim 8, wherein said public key and said 
secret key are keys inherent in said tuner appara- 
tus. 

10. A data recording/reproducing system in accord- 35 
ance with claim 8, wherein said public key and said 
secret key are keys inherent in the device model of 
said tuner apparatus. 

11- A data recording/reproducing system in accord- 40 
ance with claim 8, wherein said tuner apparatus 
has a card reading means capable of reading infor- 
mation recorded on an IC card. 

12. A data recording/reproducing system in accord- 45 
ance with claim 11, wherein said public key and 
said secret key are keys inherent in the user ID 
recorded on said IC card. 

13. A data recording/reproducing system in accord- so 
ance with claim 11, wherein said public key and 
said secret key are keys inherent in the service 
recorded on said IC card. 

14. A data recording/reproducing system in accord- ss 
ance with claim 12, wherein in addition to said key 
inherent in said user ID, a public key inherent in at 
least another user ID is recorded on said IC card, 


said key encrypting means encrypts said contents 
key by using said public key inherent in said other 
user ID, in addition to said second encrypting, 
thereby to generate another encrypted contents 
key for each pifclic key inherent in said other user 
ID, and said recording means records said other 
encrypted contents key, in addition to said 
encrypted contents key 

15. A data recording/reproducing system in accord- 
ance with one of claims 8 to 14, wherein said key 
encrypting means is provided for said tuner appara- 
tus or said VTR apparatus. 

16. A data recording/reproducing system in accord- 
ance with claim 15, wherein, in the case when said 
key encrypting means is provided for said VTR 
apparatus, said tuner apparatus has a second key 
encrypting means for encrypting said contents key 
by using a common key, and said VTR apparatus 
has a second key decrypting means for decrypting 
said contents key encrypted by using said common 
key. 

17. A data recording/reproducing system in accord- 
ance with claim 7, wherein said public key and said 
secret key are keys inherent in said VTR apparatus, 
and said key encrypting means and said key 
decrypting means are provided for said VTR appa- 
ratus. 

18. A data recording/reproducing system in accord- 
ance with claim 17, wherein said tuner apparatus 
has a second key encrypting means for encrypting 
said contents key by using a common key and a 
second key decrypting means for decrypting said 
contents key encrypted by using said common key, 
said VTR apparatus has a third key encrypting 
means for encrypting said contents key by using 
said common key and a third key decrypting means 
tot decrypting said contents key encrypted by using 
said common key, said third key decrypting means 
decrypts said contents key encrypted by said sec- 
ond key encrypting means, and said second key 
decrypting means decrypts said contents key 
encrypted by said third second key encrypting 
means. 

19. A data recording/reproducing system in accord- 
ance with claim 6, wherein said second encrypting 
and said decrypting of said encrypted contents key 
are executed by using a common key, and said key 
encrypting means and said key decrypting means 
are provided for said tuner apparatus. 

20. A data recordingfreproducing system in accord- 
ance with claim 19, wherein said common key is 
inherent in said tuner apparatus or the device 
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wherein said relationship information is information 
related by a date/time when said contents encrypt- 
ing means receives said digital data, a date/time 
when said contents encrypting means encrypts 
said digital data by using said contents key, a 
date/time when said key-encrypting key generating 
means generates said key-encrypting key, a 
date/time when said storing means stores said key- 
encrypting key, a date/time when said key encrypt- 
ing means encrypts said contents key by using said 
key-encrypting key, or a dateAime when said 
recording means records said encrypted digital 
data on said predetermined recording medium. 

48. A recording apparatus in accordance with claim 46 
or 47, wherein a contents key generating means for 
generating said contents key is provided, and said 
contents encrypting means receives said contents 
key from said contents key generating means. 

49. A recording apparatus in accordance with claim 46 
or 47, wherein said contents encrypting means 
receives said contents key from a broadcasting sta- 
tion and uses said contents key. 

50. A reproducing apparatus comprising: 

a key-encrypting key obtaining means for 
receiving said relationship information on said 
recording medium of said recording apparatus 
in accordance with one of claims 46 to 49, for 
specifying a key-encrypting key corresponding 
to said encrypted digital data to be reproduced 
on the basis of said relationship information, for 
judging whether said key-encrypting key satis- 
fies a predetermined condition, and for taking 
out said key-encrypting key from said storing 
means of said recording apparatus when said 
condition is satisfied, or for not taking out said 
key-encrypting key from said storing means 
when said condition is not satisfied, 
a key decrypting means for receiving said 
encrypted contents key corresponding to said 
encrypted digital data to be reproduced, from 
said predetermined recording medium, for 
receiving said key-encrypting key, and for 
decrypting said encrypted contents key by 
using said key-encrypting key to restore said 
contents key, and 

a contents decrypting means for decrypting 
said encrypted digital data by using said con- 
tents key from said key decrypting means. 

51. A reproducing apparatus in accordance with claim 
50, wherein said predetermined condition is that 
more than a predetermined time has passed after 
said key-encrypting key was stored in said storing 
means of said recording apparatus in accordance 


with one of claims 46 to 49. 

52. A reproducing apparatus in accordance with claim 
50, wherein said predetermined condition is that 

5 the number of times said key-encrypting key is used 
at the time of reproducing said encrypted digital 
data exceeds a predetermined number of times. 

53. A recording apparatus comprising: 

10 

a contents key generating means for generat- 
ing a contents key for encrypting digital data, 
a storing means for storing said contents key 
generated by said contents key generating 
is means and for deleting said contents key here- 

after if said contents key satisfies a predeter- 
mined condition, 

a contents encrypting means for encrypting 
said digital data by using said contents key, 

20 a relationship information generating means for 

generating the relationship information 
between said encrypted digital data encrypted 
by using said contents key and said contents 
key, and a recording means for receiving said 

25 encrypted digital data and all or part of said 

relationship information, and for recording 
them on a predetermined recording medium. 

54. A recording apparatus in accordance with claim 53, 
30 wherein said predetermined condition is that more 

than a predetermined time has passed after said 
contents key was stored. 

55. A recording apparatus in accordance with claim 53 
35 or 54, wherein said relationship information is infor- 
mation related by a date/time when said contents 
encrypting means receives said digital data, a 
date/time when said contents encrypting means 
encrypts said digital data by using said contents 

40 key, a date/time when said contents key generating 
means generates said contents key, a date/time 
when said storing means stores said contents key, 
or a date/time when said recording means records 
said encrypted digital data on said predetermined 

45 recording medium. 

56. A recording apparatus in accordance with claim 53, 
wherein said predetermined condition is that the 
number of times said key-encrypting key is used at 

so the time of reproducing said encrypted digital data 
exceeds a predetermined number of times. 

57. A reproducing apparatus comprising: 

55 a contents-key obtaining means for receiving 

said relationship information on said recording 
medium of said recording apparatus in accord- 
ance with one of claims 53 to 56, for specifying 
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rtal data and a contents key for encrypting said 
digital data and for subjecting said digital data 
to first encrypting by using said contents key to 
generate encrypted digital data, 
a key-encrypting key generating means for 
generating a key-encrypting key for subjecting 
said contents key to second encrypting, 
a storing means for storing said key-encrypting 
key and for deleting said key-encrypting key 
hereafter if said key-encrypting key satisfies a 
predetermined condition, 
a key encrypting means for generating a 
encrypted contents key by subjecting said con- 
tents key to said second encrypting by using 
said key-encrypting key, 
a relationship information generating means for 
generating the relationship information 
between said encrypted digital data encrypted 
by using said contents key and said key- 
encrypting key obtained by encrypting said 
contents key, and 

a recording means for receiving said encrypted 
digital data, said encrypted contents key and all 
or part of said relationship information and for 
recording them on a predetermined recording 
medium. 


means. 


44. 


w 
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20 


25 


40. A recording apparatus in accordance with claim 39, 
wherein said predetermined condition is that more 
than a predetermined time has passed after said 30 
key-encrypting key was stored. 


A recording apparatus in accordance with one of 
claims 39 to 42, wherein said contents encrypting 
means receives said contents key from a broad- 
casting station and uses said contents key. 

45. A reproducing apparatus comprising: 

a key-encrypting key obtaining means for 
receiving said relationship information on said 
recording medium of said recording apparatus 
in accordance with one of claims 39 to 44, for 
specifying a key-encrypting key corresponding 
to said encrypted digital data to be reproduced 
on the basis of said relationship information, 
and for retrieving and obtaining said key- 
encrypting key from said storing means of said 
recording means, 

a key decrypting means for receiving said 
encrypted contents key corresponding to said 
encrypted digital data to be reproduced, from 
said predetermined recording medium, for 
receiving said key-encrypting key, and for 
decrypting said encrypted contents key by 
using said key-encrypting key, and 
a contents decrypting means for decrypting 
said encrypted digital data by using said con- 
tents key from said key decrypting means. 


41 ' A r r^ i ft i^^ ^ 

or 40, wherein said relationship information is infor- 
mation related by a date/time when said contents 
encrypting means receives said digital data, a 
date/time when said contents encrypting means 
encrypts said digital data by using said contents 
key, a date/time when said key-encrypting key gen- 
erating means generates said key-encrypting key, a 
date/time when said storing means stores said key- 
encrypting key, a date/time when said key encrypt- 
ing means encrypts said contents key by using said 
key-encrypting key, or a date/time when said 
recording means records said encrypted digital 
data on said predetermined recording medium. 


35 
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45 


42. 


43. 


A recording apparatus in accordance with claim 39, 
wherein said predetermined condition is that the 
number of times said key-encrypting key is used at 
the time of reproducing said encrypted digital data 
exceeds a predetermined number of times. 

A recording apparatus in accordance with one of 
claims 39 to 42, wherein a contents key generating 
means for generating said contents key is provided, 
and said contents encrypting means receives said 
contents key from said contents key generating 
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46. A recording apparatus comprising: 

a corrteiteencr^^^ 
ital data and a contents key for encrypting said 
digital data and for subjecting said digital data 
to first encrypting by using said contents key to 
generate encrypted digital data, 
a key-encrypting key generating means for 
generating a key-encrypting key for subjecting 
said contents key to second encrypting, 
a storing means for storing said key-encrypting 
key generated by said key-encrypting key gen- 
erating means, 

a key encrypting means for encrypting said 
contents key by using said key-encrypting key. 
a relationship information generating means for 
generating the relationship information 
between said encrypted digital data encrypted 
by using said contents key and said key- 
encrypting key obtained by encrypting said 
contents key, and 

a recording means for receiving said encrypted 
digital data, said encrypted contents key and ail 
or part of said relationship information and for 
recording them on a predetermined recording 
medium. 

47. A recording apparatus in accordance with claim 46, 
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a contents key corresponding to said encrypted 
digital data to be reproduced on the basis of 
said relationship information, and for retrieving 
and obtaining said contents key from said stor- 
ing means of said recording means, and 5 
a contents decrypting means for receiving said 
encrypted digital data from said predetermined 
recording medium, for receiving said contents 
key, and for decrypting said encrypted digital 
data by using said contents key. w 

58. A recording apparatus comprising: 


a contents key generating means for generat- 
ing a contents key for encrypting digital data, is 
a storing means for storing said contents key 
generated by said contents key generating 
means, 

a contents encrypting means for encrypting 
said digital data by using said contents key to 20 
obtain encrypted digital data, 
a relationship information generating means for 
generating the relationship information 
between said encrypted digital data encrypted 
by using said contents key and said contents 2s 
key, and a recording means for receiving said 
encrypted digital data and all or part of said 
relationship information, and for recording 
them on a predetermined recording medium. 

59. A recording apparatus in accordance with clairn.58, 
wherein said relationship information is information 
Jielatedibv^datefom^ 

ing means receives said digital data, a date/time 
when said contents encrypting means contents- 35 
encrypts said digital data by using said contents 
key, a date/time when said contents key generating 
means generates said contents key, a date/time 
when said storing means stores said contents key, 
or a date/time when said recording means records 40 
said encrypted digital data on said predetermined 
recording medium. 


30 


not satisfied, and 

a contents decrypting means for decrypting 
said encrypted digital data by using said con- 
tents key. 

61. A reproducing apparatus in accordance with claim 
60, wherein said predetermined condition is that 
more than a predetermined time has passed after 
said contents key was stored in said storing means 
of said recording apparatus in accordance with 
claim 58 or 59. 

62. A reproducing apparatus in accordance wfth claim 
60, wherein said predetermined condition is that 
the number of times said contents key is used at the 
time of reproducing said encrypted digital data 
exceeds a predetermined number of times. 

63. A recording apparatus in accordance with one of 
claims 39 to 44, one of claim 46 or 49, one of claim 
53 or 56, or one of claims 58 to 59, provided with a 
billing means for charging the amount of billing for 
recording said data at the time when said recording 
means records said encrypted digital data on said 
predetermined recording medium. 

64. A recording apparatus in accordance with one of 
claims 39 to 44, one of claim 46 or 49, one of claim 
53 or 56, or one of claims 58 to 59, wherein said 
predetermined recording medium is a video tape. 

65. A recording apparatus in accordance with one of 

rdai^ 

53 or 56, or one of claims 58 to 59, wherein said 
predetermined recording medium is a hard disk. 

66. A program medium containing programs for attain- 
ing all or part of said components in accordance 
with one of claims 1 to 65. 


I 60. A reproducing apparatus comprising: 

45 

a contents-key obtaining means for receiving 
said relationship information on said recording 
medium of said recording apparatus in accord- 
ance with claim 58 or 59, for specifying a con- 
tents key corresponding to said encrypted so 
digital data to be reproduced on the basis of 
said relationship information, for judging 
whether said contents key satisfies a predeter- 
mined condition, and for taking out said con- 
tents key from said storing means of said 55 
recording apparatus when said condition is sat- 
isfied, or for not taking out said contents key 
from said storing means when said condition is 
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